This week's news was loaded with articles of many degrees from the  MedStar suspected ransomware attack,  Java  emergency update fixes, Peyta ransomware which overwrites Dropbox's hard drives, MSIL/Samas ransomware, a huge malvertising campaign, a new POS malware, Mattel phishing scam AND so much more.  But we only have 120 seconds, so what trended? Patching issues. 

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

 


Gov Agencies and Vulnerabilities

1. The Government Accountability Office did an investigation and reported that the IRS is still vulnerable to hackers.

why is this signficant?

 

  • In the past year, the IRS systems were breached, the IRS confirming that personal info of 720,000 tax payers had been compromised.
  • The report stated that the IRS is running obsolete software, unpatched systems, excessive permissions and default passwords.
  • While it’s seemingly easy to pick on the IRS for their procedures, such out-dated and out-of-policy systems continue to run across organizations, across industries. Patching, as every admin has come to known, is not an easy process to say the least - sometimes taking months. It’s time to affirm that such practices will inevitably continue, and hackers will leach on to vulnerabilities. With that in mind, we can change our approach of trying to gain control over patching, incorrect user behavior, etc. and look at how to prevent the actual damage given that hackers are within.

Read the full story on The Washington Times

 

2. NASA denies claims of having hundred of thousands, if not millions of patches waiting to be addressed, leaving NASA open to vulnerabilities.

why is this signficant?

  • NASA is a mission oriented system that apparently excludes any procedure that may slow the mission in any shape or form, including updating their critical infrastructure with security updates that could potentially have a devastating effect if not addressed.
  • It is reported that known malware hosts are constantly attempting infiltration with what sources say the telemetry data shows more than 10,000 pings to NASA.  
  • In 2010, HPE won a  $2.5 billion bid to further develop NASA's cyber security infrastructure. NASA is blaming HPE for being non-responsive and negligent in the development. 
  • The state of vulnerabilities goes back to the previous story regarding IRS and patching, but raises an additional point of ensuring that security procedures and tools do not slow down operations. In fact, slowing down operations is not just a concern to NASA, but to any organization. Once a security procedure or tool delays operations, they are considered a nuisance and that procedure/ tool will either not be implemented, or bypassed, essentially opening up a window for penetration.

Read the full story on Softpedia

Breaches

Verizon Enterprise experienced a customer breach that impacted 15 million customers.

why is this signficant?

  • Ouch, the irony. The annual Verizon Data Breach Investigation Report (VDBIR) is considered the bible of all breaches of the previous years.
  • In particular, on March 1st of this year, Verizon published its first report with case studies, demonstrating that infiltration is inevitable... Preventing the consequences of that infiltration, should be the main focus for all enterprises.
  •  Brian Krebs uncovered Verizon customer data being sold on the dark web and the fact that Verizon's customers consist of many Fortune500 companies.  If a cyber criminal obtains a simple email address/phone number, that's enough to launch a swarm of credible-like hornets/phishing campaigns.

Read the full story on SCMagazine