Cyber Bites

Organizations have long focused their cybersecurity positioning around prevention; however, with the sophistication and frequency of attacks increasing, more organizations are beginning to prioritize incident response teams, groups of specialists trained to address and defeat attacks that make it past existing protections. BAE Systems surveyed board level executives, IT decision makers, and information security professionals to understand the current state of corporate incident response capabilities and readiness. Organizations ranged from governmental agencies to healthcare and...

A UK charity set up to counter Russian disinformation has been targeted in a cyberattack.The National Crime Agency said it is leading an investigation into the theft of data from the government-funded Institute for Statecraft.The charity, which received £2m this financial year, has removed all content from its website while the investigation is ongoing. Source: Independent

More than 120,000 Health Alliance Plan (HAP) clients' personal and protected medical information may have been compromised in a security breach, the Detroit Free Press reported on Tuesday. Letters notifying customers of the breach were sent last week by Wolverine Solutions Group, a Detroit-based company HAP hired to manage its mailing services. The letters said the security problem occurred on or around Sept. 23, when Wolverine Solutions Group "experienced a ransomware incident—a malicious software that attacked and locked up our servers and workstations." Source: Fierce Healthcare

Dalil, an Android app that provides caller ID services similar to Truecaller but for Saudi and other Arabian users, has been leaking user data for a week because of a MongoDB database that has been left accessible online without a password.Discovered by security researchers Ran Locar and Noam Rotem, the database contains what appears to be the app's entire data, from user personal details to activity logs. Source: ZDNet

Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million in 2017 events detected during 2017 to 116.5 million until the end of last year according to a report by Kaspersky Lab.Despite this large increase in the number of malicious mobile software attacks, only 5,321,142 installation packages containing malware samples were identified throughout the entire year, down 409,774 when compared to the 2017 stats. Source: Bleeping Computer

A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server.A Ransomware-as-a-Service is when a developer creates a ransomware and a payment site and allows affiliates to sign up and distribute the ransomware. As part of this deal, the affiliates and the developer will split the payments that are received from victims. Source: Bleeping Computer

Attack traffic observed by F-Secure’s network of decoy honeypots in 2018 increased by 32 percent over the previous year and increased fourfold in the latter half of 2018 compared with the first half of the year, the Finnish cybersecurity company has shared. Source: Help Net Security

There is no dearth of compromised, fake and forged SSL/TLS certificates for sale on dark web markets, researchers have found.TLS certificates are sold individually and packaged with a wide range of crimeware. Together these services deliver machine-identities-as-a-service to cybercriminals who wish to spoof websites, eavesdrop on encrypted traffic, perform man-in-the-middle attacks and steal sensitive data. Source: Help Net Security

HACKERS are offering software to drone owners who want to bypass "no fly zone" technology.Anyone can easily find these websites in just a few clicks on Google – and then crack their drones to remove vital safety features. Source: The Sun

Government critics hit by wave of digital attacks coinciding with political events such as Macron’s visit. ‘These digital attacks appear to be part of a sustained campaign to intimidate and silence critics of the Egyptian government’ - Ramy Raoof. A new investigation by Amnesty International has revealed that dozens of Egyptian human rights defenders have been targeted by phishing attacks since the beginning of this year, putting them in grave danger amid the government’s intensifying crackdown in...