It’s the season of ghouls, ghosts and outrageous costumes. But for CISOs and cybersecurity professionals, a bump in the night on Halloween is more likely to be a notification warning them of data breach than a spooky ghostly visitation.
In the COVID-19 era, spookiness-as-a-service providers who rent out costumes or sell party products are likely to have a difficult time as lockdowns and home-working play havoc with businesses focused on in-person interaction. Yet for hackers, the dawn of a socially-distanced new normal has opened up vast numbers of attack vectors and given them new opportunities to target businesses or individuals.
In case you are keeping track:
Wisconsin GOP hacking shows how campaigns are targets | Fortune
EXCLUSIVE-Russian hackers targeted California, Indiana Democratic parties | Reuters
The attempted intrusions, many of which were internally flagged by Microsoft Corp over the summer, were carried out by a group often nicknamed "Fancy Bear." The hackers' activity provides insight into how Russian intelligence is targeting the United States in the run-up to the Nov. 3 election.
The targets identified by Reuters, which include the Center for American Progress, the Council on Foreign Relations and the Washington-based Carnegie Endowment for International Peace, said they had not seen any evidence of successful hacking attempts.
Hacker Releases Georgia County Election Data After Ransom Not Paid - WSJ
A computer hacker who took over networks maintained by Hall County, Ga., escalated demands this week by publicly releasing election-related files after a ransom wasn't paid, heightening concerns about the security of voting from cyberattacks.
A website maintained by the hacker lists Hall County along with other hacked entities as those whose "time to pay is over," according to a Wall Street Journal review of the hacker's website.
Not to change the topic here:
Wisconsin Republicans say hackers stole $2.3m - BBC News
.css-14iz86j-BoldText{font-weight:bold;} The Wisconsin Republican party has said hackers stole $2.3m (£1.7m) from the its effort to support President Donald Trump's re-election.
The party contacted the FBI and agents are investigating the matter, Chairman Andrew Hitt said in a statement on Thursday.
* * *
In the upcoming presidential election Wisconsin is seen as a key state - one Mr Trump won narrowly in 2016.
The party's invoices for vendors were altered so that when they paid the invoices, the money did not go to the vendors, Mr Hitt said.
Bloomberg - Are you a robot?
Hackers are on the hunt for Oracle servers vulnerable to potent exploit | Ars Technica
Hackers are scanning the Internet for machines that have yet to patch a recently disclosed flaw that force Oracle's WebLogic server to execute malicious code, a researcher warned Wednesday night.
Johannes Ullrich, dean of research at the SANS Technology Institute, said his organization's honeypots had detected Internetwide scans that probe for vulnerable servers. CVE-2020-14882, as the vulnerability is tracked, has a severity rating of 9.8 out of 10 on the CVSS scale . Oracle's October advisory accompanying a patch said exploits are low in complexity and require low privileges and no user interaction.
6 tips to prevent your smart home from hackers - Information News
Also, hacking into a smart product such as smart lock or light is highly impossible unless the manufacturers have poorly managed the hardware itself.
* * *
The smart home apps that control the devices has to be accessed securely and shouldn't share the credentials or access to the app to anybody who is unknown, which can jeopardise the security of the home
We all love having people around us and host guests at home. While sharing the smart home app access with the guests make sure to always securely share the access only through smart home app and keep all guests in a guest network of your home to ensure limited access can be given to the right guests.
No comments:
Post a Comment