News

Cybersecurity Weekly: Model response to cyber attack, Ecuador data leak, whistleblower phishing site

Sam Fay
September 21, 2019 by
Sam Fay

Arizona schools demonstrate the model response to a malware attack. A marketing analytics company leaks deep profiles of the entire Ecuador population. A new phishing attack targets the whistleblower submission site for The Guardian. All this, and more, in this week’s edition of Cybersecurity Weekly.

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

1. Arizona schools provide model for managing ransomware

On Wednesday, September 4, 2019, ransomware was discovered at Flagstaff Unified School District in Arizona. Schools were closed on Thursday and Friday of that week, but reopened after the weekend. No ransom was paid, and only two school days were lost. This case is a great example of how to prepare for and mitigate the effects of ransomware.
Read more »

2. Your users aren’t the weakest link — they’re integral to your security program

As a security concept, zero trust is based on the principle that organizations should never automatically trust anything inside or outside their perimeters. Instead, they must verify everyone and everything trying to connect to their systems before granting access. This is a responsibility held by everyone, and it requires a unified effort to be successful.
Read more »

3. Marketing analytics company leaks deep profiles of entire Ecuador population

A marketing analytics company just leaked personal information from the entire population of Ecuador. The leaked database includes records gleaned from Ecuadorian government registries, an automotive association and the Ecuadorian national bank. These leaked records included full names, date of birth, address, email address, phone numbers and taxpayer IDs.
Read more »

4. Phishing attack targets The Guardian's whistleblowing site

The Guardian's SecureDrop whistleblower submission site was mimicked by a phishing page that attempted to harvest the unique code names of its sources. Once the attackers gain access to a source's codename, they can login to The Guardian's real SecureDrop site and steal information and communications.
Read more »

5. U.S. sues Edward Snowden over his memoir

The former IT contractor turned whistleblower failed to get government clearance for the book's allegedly sensitive material and is now being sued for violation of non-disclosure agreements. the U.S. Attorney's Office said it aims “to recover all proceeds earned by Snowden because of his failure to submit his publication for pre-publication review.”
Read more »

6. The defender’s dilemma

Officials at the Homeland Security Department think they can bring more of that limited cyber talent into government by flipping the hiring process on its head. The Cyber Talent Management System, set to debut in early 2020, will do away with entire General Schedule system and give Homeland Security officials more flexibility in the jobs, salaries and benefits.
Read more »

7. Researcher drops phpMyAdmin zero-day affecting all versions

The flaw was given a medium rating because of its limited scope that only allows an attacker to delete any server configured in the setup page of a phpMyAdmin panel on a victim's server. However, the vulnerability is trivial to exploit because other than knowing the URL of a targeted server, an attacker doesn't need any other information, like the name of the databases.
Read more »

8. Emotet returns from summer vacation, ramps up stolen email tactic

Less than a month after reactivating its command and control servers, the Emotet botnet has come to life by spewing spam messages to countries around the globe. To protect against this revival of Emotet, people should employ strong passwords, opt in to multi-factor authentication and keep an eye out for unexpected email messages.
Read more »

9. 125 new flaws found in routers and NAS devices from popular brands

According to security researchers, all of the widely-used devices they tested had at least one web application vulnerability that could allow an attacker to gain remote shell access or access to the administrative panel of the affected device. These vulnerabilities include cross-site scripting (XSS), cross-site request forgery (CSRF), SQL injection and several others.
Read more »

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

10. Gamification: A winning strategy for cybersecurity training

Studies show that 90% of data breaches are caused by human error — usually caused by a phishing campaign or similar attack. As a result, employee security awareness training has come under sharp focus as companies work to combat the ongoing epidemic of cybercrime. So how can these companies get their employees to care about the training? Enter, gamification.
Read more »

Sam Fay
Sam Fay