Fake website targets data breach victims | China suspected in Mitsubishi Electric breach | FBI: SharePoint flaw led to 2 US municipal network breaches
January 21, 2020
SmartBrief on Cybersecurity
Security and risk management news that matters to the C-Suite
Top Story
Fake website targets data breach victims
Fake website targets data breach victims
A fake website claiming to be that of the "US Trading Commission" -- which does not exist -- is preying on victims of data breaches under the guise of offering compensation, Kaspersky Labs reports. Victims are asked to fill out forms with personal data, including Social Security numbers and credit card information, and the site offers to sell them a Social Security number if they don't have one.
The Kim Komando Show (1/18) 
LinkedIn Twitter Facebook Email
Northwestern MS in Information Systems
Build the skills needed for IT management roles. Learn from and network with a faculty of leading industry experts. Choose from 8 specializations to suit your goals. Study online or on campus. Learn more.
Data Breaches
China suspected in Mitsubishi Electric breach
Mitsubishi Electric has confirmed Japanese newspaper reports that the world's largest electronics and electrical equipment manufacturing firm -- which is also one of Japan's biggest defense contractors -- suffered a data breach last year that was most likely from China. The hackers compromised an employee account, accessed about 14 departments and stole 200 megabytes of files.
ZDNet (1/20) 
LinkedIn Twitter Facebook Email
FBI: SharePoint flaw led to 2 US municipal network breaches
Nation-state attackers were able to break into two municipal networks in the US during 2019 by exploiting CVE-2019-0604, a flaw associated with servers running Microsoft SharePoint, the FBI reported. The bureau says the attacks enabled intruders to view user data, gain consistent backdoor access and exercise administrative privileges.
ZDNet (1/16) 
LinkedIn Twitter Facebook Email
Security Tips and Tools
Researchers: Windows feature could be used for ransomware
Antivirus software from leading vendors might not protect Windows machines using Microsoft's Encrypting File System from certain types of ransomware attacks, security researchers say. Vendors are responding in various ways to the researchers' development of "concept ransomware" that uses EFS to lock files.
ZDNet (1/21),  BleepingComputer (1/21) 
LinkedIn Twitter Facebook Email
Managing Data
Firewalls adapt to keep providing strong cybersecurity
Firewall vendors have kept their products relevant by adding intrusion prevention system capabilities and other security features, writes Tufin Chairman and CEO Ruvi Kitov. Even with the rise in cloud computing, firewalls remain important for on-premises security and the internet of things, he writes.
Dark Reading (free registration) (1/15) 
LinkedIn Twitter Facebook Email
Government Security and Policy
Bill calls for all states to have cybersecurity chiefs
Bill calls for all states to have cybersecurity chiefs
The Cybersecurity State Coordinator Act of 2020 would require that each state have a cybersecurity leader to speed up response times and improve communication with the federal government. The state coordinators would be appointed and overseen by the Department of Homeland Security.
Infosecurity (U.K.) (1/20) 
LinkedIn Twitter Facebook Email
DHS issues bulletin urging chemical sector to ramp up security
Companies that have "facilities with chemicals of interest" should safeguard their sites against the risk of an Iranian attack by increasing physical security and cybersecurity controls, according to a bulletin released by the Department of Homeland Security. The bulletin recommends stronger controls at sites that handle toxic or flammable chemicals, or substances that could be stolen and used alone or in combination with other chemicals to create weapons.
Homeland Security Today (1/16) 
LinkedIn Twitter Facebook Email
Tradition is the albatross around the neck of progress.
Bill Veeck,
professional baseball club executive, owner, promoter
LinkedIn Twitter Facebook Email
Sign Up
SmartBrief offers 200+ newsletters
Learn more about the SmartBrief audience
Subscriber Tools:
Contact Us:
Advertising  -  Dena Malouf
Editor  -  Sarah Nessel
Mailing Address:
SmartBrief, Inc.®, 555 11th ST NW, Suite 600, Washington, DC 20004
© 1999-2020 SmartBrief, Inc.®
Privacy Policy (updated May 25, 2018) |  Legal Information