Project Hyphae

Information Security News 1-29-2024


Local Governments in Colorado, Pennsylvania, and Missouri Dealing with Ransomware

Article Link:

  • Over the past week, various local governments have experienced cybersecurity incidents.
  • Several prominent incidents include an attack on the computer-aided dispatch (CAD) system in Bucks County, PA, an attack on the Washington County, PA county court system, a ransomware attack on the Kansas City Area Transportation Authority (KCATA), and a ransomware attack on a Colorado library network.
  • While there doesn’t appear to be a common threat actor behind each attack, the uptick in breaches suggests a heightened focus on local government systems by malicious hackers.

Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles

Article Link:

  • Atlassian recently secured an API it uses for email invitations to public boards (workspaces) on its platform, Trello. The previously unsecured API allowed a bad actor to scrape the names, usernames, and email addresses associated with 15 million Trello users.
  • The attacker manipulated the API to run queries that would return the public profiles of any boards associated with a searched email. Researchers who reviewed the data noted that all of the emails searched were emails published from past breaches on other organizations.
  • Due to the data intentionally being public, Atlassian doesn’t consider the profile scraping to be an incident. However, some security researchers suggest that the occurrence could be considered a data breach, possibly a violation of Trello terms of service, and a mishandling of public user data.

Zero-Day, Supply-Chain Attacks Drove Data Breach High for 2023

Article Link:

  • The Identity Theft Resource Center (ITRC) released its 2023 Data Breach Report, which tracked publicly reported data breaches in the United States over the course of 2023. The ITRC recorded 3,205 data compromises throughout the year, a 72% increase from 1,801 in 2022.
  • While the number of breaches rose significantly, the number of individual victims decreased by 16% with over 425 million victims in 2022 and about 353 million victims in 2023. The ITRC suggests that this shows that some attackers are becoming more precise with the data they target.
  • The ITRC also noted that 11% of all publicly traded companies were compromised in 2023, attackers targeted the supply chain of organizations, and that zero-day attacks rose from 8 to 110 over the year.
  • Link to ITRC’s Report:

Data Privacy Faces Budget Cuts Despite Being a Customer Favorite

Article Link:

  • Recently, several global surveys on data privacy were conducted and published by various organizations, including Cisco who surveyed 2,600 security professionals.
  • According to Cisco, 94% of their respondents stated that their customers would not buy from them if data wasn’t properly protected. Likewise, 95% reported that the privacy benefits exceed the compliance costs with a 1.6x return on investment.
  • Despite the benefits of data privacy investments, 63% of respondents from an ISACA privacy survey of 15,500 industry professionals believed their privacy budgets would decrease within the next 12 months even as additional data privacy legislation continues to be developed and published.
  • Link to Cisco’s Report:
  • Link to ISACA’s Report:

HHS Releases New Voluntary Performance Goals to Enhance Cybersecurity Across the Health Sector and Gateway for Cybersecurity Resources

Article Link:

  • On January 24th, the U.S. Department of Health and Human Services (HHS) released voluntary cybersecurity performance goals (CPGs) for the healthcare industry.
  • As the HHS noted, the goals are based on several security strategies, including the NIST Cybersecurity Framework and Health Industry Cybersecurity Practices (HICPs), and are designed to directly address common attack vectors against U.S. hospitals.
  • Link to HHS’ CPGs:
  • Link to HHS’ Cybersecurity Gateway:

How to Manage Privacy and Cybersecurity Law Risks in Vendor Contracts

Article Link:

  • This article looks at key considerations when organizations review their contracts, in general and with their vendors specifically.
  • Several of the topics to look for within contracts include: definitions of who is liable for data security and any repercussions in the wake of an incident; the process for information sharing, notifications, and incident reporting; flow-down requirements for subcontractors; and any ongoing compliance obligations or room for contractual updates when new regulations are released.
  • Overall, the article emphasizes that many of the topics reviewed can and should be revisited annually, or on demand if any changes need to occur.

With CMMC Looming, Military Services Explore Ways to Extend Secure Environments to Small Businesses

Article Link:

  • According to top DoD cybersecurity officials who spoke at the Google Defense Forum, both the U.S. Army and U.S. Navy are exploring options to lower the barrier to entry of CMMC compliance.
  • Specifically, in response to concerns from smaller organizations in the defense industrial base (DIB), the Navy and Army have looked into extending virtual desktops managed by the DoD to smaller defense contractors for any DoD-related transactions.
  • In addition to looking at offering technical help, the Army and Navy officials also discussed assisting smaller contractors with the training and development of their employees working on contracts that require CMMC compliance.

Proposed Law Aims to Boost Food and Agriculture Industry’s Cyber Posture

Article Link:

  • Recently, a bipartisan, bicameral bill was introduced in an attempt to begin improving the security posture of the food and agriculture industry.
  • The bill doesn’t introduce any regulations for agriculture organizations directly; however, it does require that the Secretary of Agriculture conduct a survey of the state of cyber vulnerabilities and threats to the food and agriculture industry every two years.
  • Additionally, the bill would develop exercises at the Federal level to simulate major incidents affecting the agriculture industry.
