Cyber Bites

Each year, ISACA tracks the state of cybersecurity by surveying practitioners and leaders across the globe about emerging trends, issues and solutions. The results of this annual information-collection effort are then released in a report called, State of Cybersecurity 2019. Source: Infosecurity Magazine

The United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has gone public with a warning to Microsoft Windows users regarding a critical security vulnerability. By issuing the "update now" warning, CISA has joined the likes of Microsoft itself and the National Security Agency (NSA) in warning Windows users of the danger from the BlueKeep vulnerability. Source: Forbes

Exim servers, estimated to run nearly 57% of the internet's email servers, are now under a heavy barrage of attacks from hacker groups trying to exploit a recent security flaw in order to take over vulnerable servers, ZDNet has learned. At least two hacker groups have been identified carrying out attacks, one operating from a public internet server, and one using a server located on the dark web. Both groups are using an exploit for...

The American cybersecurity giant Symantec has downplayed a data breach that allowed a hacker to access passwords and a purported list of its clients, including large Australian companies and government agencies. The list extracted in the February incident, seen by Guardian Australia, suggests that all major federal government departments were among the targets of a hacker who also claimed to be responsible for Medicare data being available for sale on the dark web. Source: The...

A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free. According to a post by the French Ministry of Interior,  this decryptor was created in collaboration between French law enforcement, the French Homeland Security Information Technology and Systems Service, and volunteer researchers. Source: Bleeping Computer

Nearly 1,000 employees in ASCO’s Zaventem, Belgium, office have been left incapable of doing their jobs after a ransomware attack crippled the aircraft-parts manufacturer, according to a June 11 report from vrt NWS. “From the ISF’s standpoint, everyone who has access to an organization’s information and systems should be made aware of the risks from ransomware and the actions required to minimize those risks,” said Steve Durbin, managing director of the Information Security Forum. Source:...

Poor governance and privacy concerns have knocked Facebook out of an influential ethics index that tracks socially responsible companies. The US stock market S&P 500's Environmental, Social, and Governance (ESG) Index said that it had booted Facebook after the company scored poorly for social responsibility and governance, achieving 22 and 6, respectively, out of 100. Source: The Telegraph

ASCO, one of the world's largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium. As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers. Source: ZDNet

Maryland Attorney General Brian E. Frosh warns Marylanders their medical and other private information may have been compromised by a cyberattack against American Medical Collection Agency, a third party collection agency for laboratories, hospitals, physician groups, medical providers and others. AMCA’s payment system was compromised on August 1, 2018, according to the release, and remained vulnerable through March 30, 2019. Source: CBS Baltimore

Facebook is set to create 500 new jobs with the opening of a new engineering centre in central London. The majority of the new roles will be in Facebook’s Community Integrity team, which is focused on upholding safety and tackling abuse on the platform. Other responsibilities include building software and AI detection systems to locate and remove malicious content, fake accounts and other “harmful behaviour,” the company claimed. Source: i News