CyberSecurity News: Top week’s news (Dec 14, 2018)

US Legislators Can Spend Surplus Campaign Funds on Cybersecurity(December 13, 2018)
  The US Federal Elections Commission says that federal legislators may use surplus campaign funds to bolster cybersecurity for their personal devices and online accounts. The decision came in response to an advisory opinion request from Senator Ron Wyden (D-Oregon).
Read more in:
– www.theregister.co.uk
: US elections watchdog says it’s OK to spend surplus campaign cash

Italy’s Saipem Hit with Shamoon Data-Wiping Malware(December 12 & 13, 2018)
  A new version of the Shamoon data-wiping malware has been used to target computers that belong to Italy’s Saipem, an oil and gas contractor, which does the majority of its business in the Middle East. About 10 percent of the company’s PCs were affected by the malware. Saipem is a contractor for Saudi Aramco, which was the target of earlier, highly-destructive Shamoon attacks. The newest version of Shamoon overwrites files with junk data.
Read more in:
– threatpost.com
: Shamoon Reappears, Poised for a New Wiper Attack

Read more in:
– threatpost.com
: Shamoon Reappears, Poised for a New Wiper Attack

Maritime Cybersecurity Guidance(December 12, 2018)
  Shipping associations and industry groups have published the third edition of the “Guidelines on Cyber Security Onboard Ships,” which offers guidance for securing ships’ IT systems. The document also includes examples of cybersecurity and IT failure incidents, including a virus infection found on a ship’s Electronic Chart Display and Information System (ECDIS) that delayed the vessel’s departure. In other cases, systems failed due to outdated operating systems, thumb drives infected systems with malware, and ransomware infected onboard IT systems as well as shipping company backend systems. Perhaps the most well-known incident involved systems at the Maersk cargo shipping line, which became infected with the NotPetya malware. The company had to reinstall more than 4,000 servers, more than 45,000 PCs, and incurred costs of more than US $300 million.
Read more in:
– www.zdnet.com
: Ships infected with ransomware, USB malware, worms

Operation Sharpshooter(December 12, 2018)
  The Operation Sharpshooter phishing campaign uses phony job recruitment documents to place backdoors on computers at nuclear, defence, energy, and financial companies. The backdoor malware, dubbed Rising Sun, has been detected on systems at least 87 organizations, according to McAfee Labs. The campaign uses source code that was used in the Lazarus Group’s 2015 Trojan Duzer backdoor. While this could suggest that the Lazarus Group is behind Sharpshooter, McAfee cautions that “numerous technical links to the Lazarus Group seem too obvious to immediately draw the conclusion that they are responsible for the attacks, and instead indicate a potential for false flags.”
Read more in:
– www.mcafee.com
: Operation Sharpshooter (PDF)

China Cyberespionage Threat(December 11 & 12, 2018)
  In a US Senate Judiciary Committee hearing, Assistant Director of the FBI’s Counterintelligence Division Bill Priestap called China “the most severe counterintelligence threat facing our country today.” Officials from the Department of Justice (DOJ) and the Department of Homeland Security (DHS) concurred. Recent news stories suggest that the Marriott breach was allegedly the work of Chinese hackers gathering intelligence.

Read more in:
– www.washingtonpost.com
: Top FBI official warns of strategic threat from China through economic and other forms of espionage

Third-Party Investigation Finds No Evidence of Spy Chips on Super Micro Motherboards(December 11, 2018)
  In a letter to customers, Super Micro President and CEO Charles Liang and other executives wrote that “after thorough examination and a range of functional tests, the [third-party] investigations firm found absolutely no evidence of malicious hardware on out motherboards.” A Bloomberg news story in early October 2018 alleged that Chinese spies had placed “spy chips” on Super Micro motherboards. The allegations have also been refuted by Amazon and Apple, companies that use Super Micro motherboards in their data centers.

Read more in:
– www.supermicro.com
: Letter to Customers

Advertisements


Categories: Cyber news, cyber security news, data breach, malware, weeks security updates

Tags: , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.