Pete Recommends – Weekly highlights on cyber security issues, October 16, 2021

Subject: Week in review: Electronic warfare, cybersecurity career plan, Patch Tuesday forecast
Source: Help Net Security
https://www.helpnetsecurity.com/2021/10/10/week-in-review-electronic-warfare-cybersecurity-career-plan-patch-tuesday-forecast/

[lots and lots of summaries — pick n’ choose … ] Here’s an overview of some of last week’s most interesting news, articles and interviews:

e.g., Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity. When businesses are hit by a cyberattack, it can mean a disruption in operations, lost revenue and customer dissatisfaction because their personal information is exposed. But for the healthcare sector, the impact is far greater; cyberattacks can be a matter of life or death.


Subject: McAfee/FireEye merger completed, CEO says automation only way forward for cybersecurity
Source: ZDNet
https://www.zdnet.com/article/mcafeefireeye-merger-completed-ceo-says-automation-only-way-forward-for-cybersecurity/

McAfee Enterprise and FireEye completed their merger on Friday, closing the $1.2 billion, all-cash transaction that merges the two cybersecurity giants.

FireEye announced the sale of its FireEye Products business to a consortium led by Symphony Technology Group (STG) in July, separating the company’s network, email, endpoint and cloud security products from Mandiant’s software and services.

“Aligning McAfee Enterprise’s device-to-cloud cybersecurity solutions with FireEye’s robust portfolio of products presents an extraordinary opportunity for helping keep customers everywhere safe and secure,” STG managing partner William Chisholm said.

In an interview, Palma told ZDNet that the sophistication of threats and the deficit of cybersecurity talent means companies will need to rely more on automation, artificial intelligence and machine learning.

“We also see these supply chain attacks, which we were obviously directly involved in at FireEye with everything that happened with SolarWinds. There are so many zero-days still out there and that’s still an entry point for many hackers. There’s ransomware and still good old-fashioned phishing. There’s a combination of really new, sophisticated threats that I think have raised the bar and then the traditional ways that hackers come after organizations.”

For the future, Palma said the new company is focusing on leading the way with XDR and statistical models to help address the sophistication of adversaries.

Topic: Security


Subject: Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack
Source: The Hacker News
https://thehackernews.com/2021/10/verify-end-users-at-helpdesk-to-prevent.html

Although organizations commonly go to great lengths to address security vulnerabilities that may exist within their IT infrastructure, an organization’s helpdesk might pose a bigger threat due to social engineering attacks.

Social engineering is “the art of manipulating people so they give up confidential information,” according to Webroot. There are many different types of social engineering schemes, but one area of vulnerability is how social engineering might be used against a helpdesk technician to steal a user’s credentials.


Subject: Study reveals Android phones constantly snoop on their users
Source: BleepingComputer
https://www.bleepingcomputer.com/news/security/study-reveals-android-phones-constantly-snoop-on-their-users/

A new study by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones.

The researchers have focused on Samsung, Xiaomi, Realme, and Huawei Android devices, and LineageOS and /e/OS, two forks of Android that aim to offer long-term support and a de-Googled experience.

The conclusion of the study is worrying for the vast majority of Android users.

With the notable exception of /e/OS, even when minimally configured and the handset is idle these vendor-customized Android variants transmit substantial amounts of information to the OS developer and also to third parties (Google, Microsoft, LinkedIn, Facebook, etc.) that have pre-installed system apps. – Researchers.

As the summary table indicates, sensitive user data like persistent identifiers, app usage details, and telemetry information are not only shared with the device vendors, but also go to various third parties, such as Microsoft, LinkedIn, and Facebook.


Subject: White House developing bill of rights to protect against data-driven technology abuses
Source: FedScoop
https://www.fedscoop.com/white-house-technology-bill-of-rights/

The White House plans to develop a bill of rights that data-driven technologies like facial recognition must respect, according to a request for information issued Friday.

The new document will be in part based on input from government agencies, academia and industry. The Office of Science and Technology Policy (OSTP) seeks information on public and private biometrics use cases, where the technology was used to verify identity, identify people or determine attributes like a person’s mental or emotional state.

Machine-learning algorithms employed by such technologies depend heavily on the data used to train them, and biased datasets lead to biased outcomes that can violate people’s civil rights. The government may ultimately decide to refuse or ban problematic data-driven technologies, of which biometrics form a large subset.

-In this Story-

Alondra Nelson, biometrics, Eric Lander, facial recognition, machine learning, Office of Science and Technology Policy


Subject: What Google learned after analyzing 80M ransomware samples: 5 things to know
Source: Becker’s Health IT
https://www.beckershospitalreview.com/cybersecurity/what-google-learned-after-analyzing-80m-ransomware-samples-5-things-to-know.html

There were more than a hundred ransomware groups active in 2020, according to an October report by Google Cloud’s VirusTotal.

For the report, researchers analyzed more than 80 million potential ransomware-related samples submitted over a year and a half. There were 140 countries that submitted samples.

Filed in: https://www.beckershospitalreview.com/cybersecurity.html

RSS feed: https://www.beckershospitalreview.com/cybersecurity.feed?type=rss


Subject: Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities
Source: CISA
https://us-cert.cisa.gov/ncas/current-activity/2021/10/14/ongoing-cyber-threats-us-water-and-wastewater-systems-sector

CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. The joint CSA provides extensive mitigations and resources to assist WWS Sector facilities in strengthening operational resilience and cybersecurity practices.

CISA has also released a Cyber Risks & Resources for the Water and Wastewater Systems Sector infographic that details both information technology and operational technology risks the WWS Sector faces and provides select resources.


Subject: The definitive ranking of two-factor authentication methods
Source: Android Central
https://www.androidcentral.com/definitive-ranking-two-factor-authentication-methods

You should be using two-factor authentication on every account that gives you the option. There is no better way to keep your account secure and no matter who you are you should want all of your accounts to be as secure as possible. It also doesn’t matter which phone you use — 2FA works with a cheap Android phone, the best Android phone, or an iPhone. You’ve heard all of this before.

All two-factor methods are not created equal though. Like every other user-facing security measure you have to trade some convenience for protection and the most secure methods of 2FA are also the least convenient. Conversely, the most convenient methods are also the least secure.

We’re going to take a look at the different ways you can use two-factor authentication and discuss the pros and cons of each.


Subject: Government Secretly Orders Google To Identify Anyone Who Searched A Sexual Assault Victim’s Name, Address And Telephone Number
Source: Forbes via beSpacific
https://www.bespacific.com/government-secretly-orders-google-to-identify/

Forbes: “The U.S. government is secretly ordering Google to provide data on anyone typing in certain search terms, an accidentally unsealed court document shows. There are fears such “keyword warrants” threaten to implicate innocent Web users in serious crimes and are more common than previously thought…It’s a rare example of a so-called keyword warrant and, with the number of search terms included, the broadest on record. Before this latest case, only two keyword warrants had been made public. One revealed in 2020 asked for anyone who had searched for the address of an arson victim who was a witness in the government’s racketeering case against singer R Kelly…

Posted in: AI, Congress, Cybercrime, Cybersecurity, Economy, Government Resources, Healthcare, Privacy, Search Engines