Hello Readers,
In today's SECURITY TRENDS, I explore how botnets are increasingly targeting content management system (CMS) platforms. Meanwhile, my PODCAST NOTES summarizes an interview with Bill Harrod, federal CTO with MobileIron, who examines election disinformation campaigns and associated malicious activities.
Don't miss my weekly CISO CORNER feature, which includes exclusive interviews with CISOs, for premium subscribers. If you'd like to read this special content, Inside Security is offering a 14-day free trial.
Thank you for supporting Inside Security.
Fred
Source: Imperva
SECURITY TRENDS: Botnets are ramping up CMS infections
Botnets are increasingly targeting content management system (CMS) tools by exploiting older platform versions, unsupported plugins, and weak passwords.
The move to digital business, spurred by the COVID-19 pandemic, has dramatically expanded the attack surface for botnets.
One botnet, KashmirBlack, has grown particularly adept at...
Dutch researcher Victor Gevers claims to have hacked into President Trump's Twitter account by correctly guessing Trump's password, "maga2020!" Gevers said Trump did not have multi-factor authentication enabled. The researcher said he was able to access Trump's direct messages, post tweets, and change his profile.
More:
- Gevers said he was able to make seven attempts at guessing Trump's password and was not blocked.
- Twitter said it has seen no evidence that Trump's account was compromised.
- Gevers said he previously compromised Trump's Twitter account in 2016.
- President Trump has 87 million Twitter followers.
THE GUARDIAN
On Wednesday, Cisco patched 36 bugs in its network products, some of which could enable a remote attacker to launch denial-of-service (DoS) and cross-site request forgery (CSRF) attacks. A majority of the bugs affect Cisco's Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software.
More:
- Cisco's FTD is a suite of network security and traffic-management products, while its ASA software is the operating system for its ASA corporate network security devices.
- Twenty of the bugs are rated high-severity, with the rest rated medium-severity.
- The most severe bug affects the Firepower Chassis Manager (FCM), which suffers from insufficient CSRF protection in the FCM interface.
THREATPOST
Iran was responsible for sending emails purportedly from the Proud Boys threatening Democratic voters in Alaska, Florida, and Pennsylvania, according to John Ratcliffe, the director of national intelligence. Ratcliffe said both Iran and Russia have stolen U.S. voter information that could be used to spread disinformation.
More:
- Proud Boys is a far-right, neo-fascist, male-only organization that engages in political violence.
- Earlier this month, the Department of Justice said it had seized 92 domain names being used by Iran in a global disinformation campaign.
- The bogus Proud Boys email threatened to come after Democratic voters who didn't vote for President Trump.
- Trustwave said it found a hacker selling voting registration information on 186 million Americans.
CYBERSCOOP
In Chrome 86, Google will automatically hide website notification spam on sites that have a pattern of sending abusive notification content to victims. The new feature focuses on content that delivers malware or tries to harvest user credentials.
More from Google:
- Chrome 80 first introduced the quiet notification permission UI, which discourages users from allowing notifications from abusive websites.
- Google said that abusive web notifications are one of the top Chrome user complaints.
- When Chrome detects abusive activity from a website, it will give the registered site owners at least 30 days before enforcing the new feature.
BLEEPING COMPUTER
PODCAST NOTES:
Every Thursday, I summarize a podcast about cybersecurity so you can read it in about five minutes or less. This week features Bill Harrod, federal CTO with MobileIron, who spoke with Dave Bittner of Hacking Humans (#121) about election disinformation campaigns and associated malicious activities. [Note: Questions and answers were edited for brevity and clarity.]
Dave Bittner: Where do we need to head in terms of getting election disinformation under control?
Bill Harrod said that there is a need for people to have the ability to know what is safe and what is true. That might come from trusted media. It could also come from quarantining email coming in and having people select what they're going to look at rather than having it dumped into their email inbox. People tend to scroll through the email and select something that may be malicious without really considering it.
He noted phishing has been one of the most significant attack vectors, particularly since the COVID pandemic started and everybody went to telework...
Check out my earlier Podcast Notes features with Rachel Tobac, CEO and co-founder of SocialProof Security, who examined the fall-out from the Twitter attack, and with Rich Stever, IT security auditor at Pivot Point Security, who spoke about optimizing your information security management system.
QUICK HITS:
- Arctic Wolf Networks, a managed detection and response startup, has raised $200M in Series E funding led by Viking Global Investors. (For more startup funding news, check out my weekly SECURITY FUNDING column.)
- An unknown attacker is holding for ransom patient information stolen from Vastaamo, a Finnish psychotherapy provider.
- ANSA McAL, the Caribbean's largest conglomerate, has been hit by a REvil ransomware attack that has taken some of its IT systems offline.
- Scalable Capital, a German online advisory firm, has suffered a data breach that exposed data on 20,000 clients.
- Two Idaho tribal casinos were shut down by ransomware attacks for 10 days, while a California casino had to shut down for three weeks due to an unidentified type of cyberattack.
Fred Donovan is a professional writer, editor, and content specialist with decades of experience, most recently in the areas of information technology and cybersecurity. He has written for such publications as HealthITSecurity.com, FierceITSecurity, InfoSecurity Magazine, Report on Patient Privacy, TechGenix, and NetDefense. Fred has a B.A. from Harvard University in government and an M.S. in national security from Georgetown University.
Editor
Sheena Vasani is a journalist and UC Berkeley, Dev Bootcamp, and Thinkful alumna who writes Inside Dev and Inside NoCode.