Week in review: Citrix bug under attack, Windows 7 ransomware risk, ATT&CK for ICS

Here’s an overview of some of last week’s most interesting news and articles:

Travelex extorted by ransomware gang, services still offline a week after the hit
On the last day of 2019, foreign exchange company Travelex was hit by cyber attackers wielding the Sodinokibi (aka REvil) ransomware. More than a week later, the company’s websites and online services are still offline despite the company’s remediation efforts.

January 2020 Patch Tuesday forecast: Let’s start the new decade right
The January 2020 Patch Tuesday will provide us with the last free update of Windows 7 and Server 2008/2008 R2. We’ve talked about it for the last several months and it is finally here. Microsoft released additional guidance if you are planning on subscribing to extended security updates; make sure your systems are prepared.

Are you ready for the end of Windows 7 support?
Windows 7 support will end on January 14, 2020. From a security perspective, security patches will not be available.

Attackers exploiting critical Citrix ADC, Gateway flaw, company yet to release fixes
Nearly a month has passed since Citrix released mitigation measures for CVE-2019-19781, a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway, which could lead to remote code execution.

Mozilla patches actively exploited Firefox zero-day
Mozilla has patched a Firefox zero-day vulnerability (CVE-2019-17026) that is being exploited in attacks in the wild and is urging Firefox and Firefox ESR users to update their installations as soon as possible.

Office 365 users: Beware of phishing emails pointing to Office Sway
One of phishers’ preferred methods for fooling both targets and email filters is to use legitimate services to host phishing pages. The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that’s part of Microsoft Office.

RSA Conference 2020 USA: What you can expect at this year’s event
It’s that time of year: RSA Conference 2020 USA is coming up in February. To prepare, we asked Britta Glade, Director of Content and Curation for RSA Conference, to tell us more about this year’s event. Read our Q&A for more on what’s in store at the world’s largest gathering of information security professionals.

First international smart home standard ensures secure connectivity between devices
The OCF Certification Program helps manufacturers create products that “just work” with other OCF Certified IoT devices regardless of their form factors, operating systems, service providers or transports.

ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more.

App on Google Play exploited Android bug to deliver spyware
Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app aimed at spying on users.

Automotive cybersecurity incidents doubled in 2019, up 605% since 2016
Upstream Security’s 2020 Automotive Cybersecurity Report shares in-depth insights and statistics gleaned from analyzing 367 publicly reported automotive cyber incidents spanning the past decade, highlighting vulnerabilities and insights identified during 2019.

Smart cities are on the rise, what are the dangers?
While the creation of “smart cities” has the potential to drive efficiencies and improve services, their implementation needs to be coupled with robust cybersecurity solutions and practices to mitigate the vulnerabilities that would make them attractive targets for threat actors.

Facial recognition hardware to reach over 800 million devices by 2024
A new report from Juniper Research found that facial recognition hardware, such as Face ID on recent iPhones, will be the fastest growing form of smartphone biometric hardware. This means it will reach over 800 million in 2024, compared to an estimated 96 million in 2019.

Five cyber risks that will define 2020
Here are five cyber risks that will endanger company data in 2020.

PCs still running Windows 7 will soon be significantly more at risk of ransomware
PCs still running Windows 7 when it reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned. According to experts, 26% of PCs are expected to still be running the Microsoft software after support for patches and bug fixes ends.

Trends that will shape the 2020 technology market
In 2020, there will be greater adoption of Continuous Intelligence (CI) technologies, which will elevate IoT data analytics way beyond traditional operational levels and have a greater impact on strategic planning and organizational change, states ABI Research.

Modern security product certification best practices
IT security product manufacturers are required to achieve government mandated, standards-based certifications to get their product in market. One of the most common, aptly called Common Criteria (CC), was introduced more than two decades ago to help standardize the evaluation criteria used to validate a product’s conformance against a variety of functional security requirements.

Data ownership vs. data processing: A moral dilemma?
Work around data seems to never end. Between collection, sharing and use, the burden of this falls onto the shoulders of the CISO, the broadness of which seems to be increasing year-on-year. The question that must be asked is, can we expect the CISO to prosper when the essence of data itself seems to be out of control?

Why outsourcing your DPO role is an effective insurance policy
Organizations are starting to take a much more considered approach to data protection as high-profile regulatory action for data mishandlings has raised both the stakes and interest in data privacy operations.

Burner phones are an eavesdropping risk for international travelers
In recent years, burner phones have become an obligatory part of the international business traveler’s toolkit. But though these devices are designed to minimize the amount of stored data available for capture by malicious actors in a foreign country, burner phones actually give attackers an opening to another, potentially more valuable, form of data: conversations that occur during key meetings in the vicinity of the device.

Why the 2020 US presidential election is still vulnerable to foreign interference
With the international political situation becoming increasingly fraught and divisive, it is hard to ignore the shadow of foreign interference looming over electoral proceedings around the world.

California’s IoT cybersecurity bill: What it gets right and wrong
California state lawmakers should be lauded for SB 327, their well-intentioned legislative attempt at tackling one of the most pressing issues in the tech sector: IoT security. But as the law went into effect at the start of the year, they will also (unfortunately) soon be faced with the reality that it is inadequate for today’s security threat landscape.

Companies: Lean into consumer privacy to win
The California Consumer Privacy Act became effective on the first day of 2020 and will affect millions of consumers and tens of thousands of companies.

eBook: How Hackers Plan Their Attacks
In this eBook, they share the hackers’ perspective – what motivates them and how they plan their most sophisticated attacks, step-by-step.

Cisco Data Center Network Manager flaws fixed, Cisco ASA appliances under attack
Cisco has fixed 12 vulnerabilities in Cisco Data Center Network Manager (DCNM), a platform for managing Cisco switches and fabric extenders that run NX-OS, and has warned about a spike in exploitation attempts of an old flaw affecting Cisco Adaptive Security Appliance (ASA) and Firepower Appliance software.

New infosec products of the week: January 10, 2020
A rundown of infosec products released last week.
