Security this week, May 26, 2020

Here is a weekly roundup of all that is happening in security, globally: 

Attacks on smart homes, enterprises and control systems increase by 46% 

Security breaches have increased amid the covid-19 pandemic

Subex, the digital technology provider reported the detection of a 46% increase in attacks on enterprises, smart homes, and control systems that are connected to sensitive infrastructure while the cyber security landscape changes amid the covid-19 pandemic. Regions of North America, South Asia, and the Middle East were targeted the most. With the world still adjusting to the new normal, hackers are trying to take advantage of the diffused attention and lack of resources. 

US Defense warns of 3 new malwares used by North Korean hackers 

North Korean government has been involved in a series of malicious cyber activities

The US government released three new malware strains namely, COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH being sued by state-sponsored North Korean hackers. This malware is the recent addition to other malware samples that have been identified by security agencies to originate from a series of malicious cyber activity by the government of North Korea. This series is commonly known as the moniker Lazarus Group. 

EasyJet reveals a cyber-attack on nine million clients 

EasyJet suffered a security breach

British Airline’s EasyJet suffered a ‘sophisticated’ cyberattack that uncovered the names and travel details of around nine million customers. EasyJet still has not specified when the attack took place. Although, it suggests that they took immediate actions to respond and manage the incident. The security breach will be investigated further by forensic experts. They will soon be contacting the affected customers in the coming days. Additionally, it shut down the area where unauthorized access to the data was obtained. 

New Bluetooth vulnerability exposes billions of devices to hackers 

Older Bluetooth devices vulnerable to hackers

EPFL has disclosed a security vulnerability in Bluetooth. This can allow an attacker to spoof a remotely paired device. Such activity could expose billions of cellular devices across the globe to hackers. The devices which were not updated since December 2019 can be affected by this attack which has been dubbed Bluetooth Impersonation AttackS or BIAS. The findings responsibly disclosed to the Bluetooth Special Interest Group, the organization that oversees the development of Bluetooth standards. 

Reactive security no longer works: Crowdstrike CTO 

Crowdstrike CTO Michael Sentonas believes that usual security protocols may not be enough for prevention from cyber attacks

Crowdstrike suggests that having next-generation firewalls and other security measures like VPNs and MFAs in place may still not be enough to prevent organizations from ransomware attacks. The firm identifies attacks targeting the World Health Organization, US centers for disease control and prevention, the US department of health and human services, etc. It seems to be a part of the attackers’ strategy to lure health organizations. The attackers are increasingly looking to prey not only on people’s fears but also on their desire to get information on Covid-19. 

Your browser doesn’t support HTML5 audio


Digital Transformation

Demystifying DX - Stories, lessons, and applications.