Cyber Security Headlines – September 2, 2020

Facebook threatens to block sharing of news stories in Australia

In response to pressure from the Australian Competition and Consumer Commission, whose proposed law would require Facebook and Google to negotiate with media publishers and pay them for content that appears on their sites, Facebook warned on Monday that it would block users and news organizations in Australia from sharing local and international news stories on both Facebook and Instagram. Google hinted at a similar move for Google search and YouTube, claiming the proposed law gives special treatment to media companies.

(New York Times)

Maximum lifespan of SSL/TLS certificates is now 398 days

As of yesterday, the lifespan of new SSL and TLS certificates is limited to 398 days, down from the previous maximum certificate lifetime of 825 days. In a move intended to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months from their creation date. Certificates issued before the enforcement date won’t be impacted, nor will those issued from user-added or administrator-added root certificate authorities.

(The Hacker News)

Elections offices across the U.S. using faulty electronic technology 

Electronic devices for signing voters in at the polls are being deployed despite a lack of scrutiny and a history of balloting failures. The devices, known as electronic pollbooks, have already caused long lines at primaries in Los Angeles County, Georgia, and numerous other locations. Tampering with e-pollbooks, which do not undergo federal testing, certification, or oversight, will not change a person’s vote, but malfunctions or cyberattacks could cause delays that prevent people from voting.

(Politico)

Researchers discover new malware family that targets cryptocurrencies

Researchers at ESET state that this previously undocumented trojan malware family “spreads through malicious torrents and uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the radar.” ESET has named the threat KryptoCibule. It embeds itself within Tor and Transmission torrent clients as well as Apache httpd and the Buru SFTP server, and currently targets primarily users in the Czech Republic and Slovakia.

(IT Security Guru)

Fake login page detections top 50,000 in 2020 so far

According to research from Ironscales, the first half of 2020 saw these fake login pages support hacks and spear-phishing campaigns at more than 200 of the world’s best-known brands, including Microsoft, PayPal, and Facebook. Nearly 5% of these were polymorphic, with one fake login able to represent more than 300 different login pages. Polymorphism involves slight random changes to an email, which fool signature-based email security tools that were not built to recognize such modifications and allow the email to arrive in an employee’s inbox.

(Infosecurity Magazine)

Cisco warns of actively exploited bugs in carrier-grade routers

Threat actors are trying to exploit two high-severity memory exhaustion denial-of-service vulnerabilities in Cisco IOS XR software, which runs on carrier-grade routers including the NCS and ASR 9000 series. According to Cisco, the security flaws affect any Cisco device running any Cisco IOS XR software release if one of its active interfaces is configured under multicast routing, allowing attackers to cause memory exhaustion that results in instability of other processes.

(Bleeping Computer)

BEC attacks become a profitable line of business for cybercriminals

Business Email Compromise (BEC) attacks have become a growing threat, with research from the Anti-Phishing Working Group showing the average loss surging to over $80,000 in Q2 2020. BEC attackers steal legitimate business email account credentials, then send fraudulent email messages and requests for out-of-channel funds transfers. Recently, the FBI warned that organizations using cloud-based email systems are at highest risk. BEC attacks threaten to grow in popularity since the ROI for hackers is higher, and easier to achieve, than that of sophisticated malware.

(CISOMag)

Cellphones in trees: the new Amazon jungle

Smartphones have been seen dangling from trees in Chicago suburbs close to Amazon.com delivery stations and Whole Foods stores, according to Bloomberg. Contract delivery drivers are putting them there to get early notification of orders by syncing their own phones with the ones in the trees and waiting nearby for an order pickup. The tree phones use software that monitors Amazon’s dispatch network and gives drivers a 15-second advantage over other drivers vying for the order.

(Slashdot)


Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.