Project Hyphae

Information Security News 10/24/2022

Share This Post

Microsoft Data Breach Exposes Customers’ Contact Info, Emails

Article Link:

  • Microsoft reported that some of its customers’ sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. The company secured the server after being notified of the leak on September 24, 2022, by security researchers at threat intelligence firm SOCRadar. Information exposed includes names, email addresses, email content, company name, phone numbers, and files between customers, Microsoft, and Microsoft affiliates.
  • While Microsoft hasn’t provided much additional information, SOCRadar claims it was able to link sensitive information to more than 65,000 entities from 111 countries stored in files dated from 2017 to August 2022.
  • SOCRadar also has a data leak search portal, named BlueBleed, that allows companies to find if their sensitive info was exposed with Microsoft’s leaked data. Additionally, BlueBleed allows searching for data collected from five other public storage buckets.
  • Link to BlueBleed:

Typosquat Campaign Mimics 27 Brands to Push Windows, Android Malware

Article Link:

  • A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. Typosquatting is where malicious users register website domains spelled similarly to known brands to trick users who mistype website URLs.
  • This specific campaign has been seen trying to act as the PayPal, Google Wallet, and Tor browser websites, among other websites, with cloned webpages to enhance legitimacy. Once on these websites, the downloads available will be presented as files with one character different.
  • Some browsers like Google Chrome and Microsoft Edge include typosquatting protection. However, in tests on the websites identified, the browsers did not block any of the domains.

List of Common Passwords Accounts for Nearly All Cyberattacks

Article Link:

  • Half of a million passwords from the RockYou2021 list account for 99.997% of all credential attacks against a variety of honeypots, according to Rapid7 who recorded compromise attempts over a 12-month period. The logging recorded 512,000 password permutations, most found in the RockYou list.
  • The study didn’t reflect poor password creation by users, but rather that attackers believe that trying a few poorly selected passwords against their targets are a worthwhile guessing game.

Millennials and Gen Z Less Likely to Observe Cybersecurity Protocols Than Their Elders

Article Link:

  • A survey from EY consulting suggests that despite understanding the need for security measures, younger, digitally native workers were significantly more likely to disregard mandatory IT updates for as long as possible. They were also more likely to use the same password for professional and personal accounts.
  • Millennials and especially Gen Z grew up as digital natives integrating technology into their daily lives and expect their employers to already have seamlessly integrated cybersecurity protections. Likewise, they may be desensitized to the risks of cyber breaches due to growing up with breaches.
  • According to EY, the solution to improving cyber-safe practices is role- and risk-based education for employees, regardless of age.

Third Party Cyber Risk is Your Cyber Risk. How to Understand, Mitigate and Prepare for Third Party Cyber Risk Exposure

Article Link:

  • A comprehensive approach to managing third-party risk must encompass identifying, assessing and mitigating cyber risk and involve detailed preparations for responding to any incidents that do occur, enabling organizations to assess impact, minimize downtime, and support business continuity.
  • This article highlights 4 key strategies for bolstering defenses and understanding risk. These include reviewing existing third-party risk management program frameworks, implementing third-party risk-based controls and cyber insurance requirements, clearly communicating third-party risk internally, and preparing for response and recovery in the wake of a cyber incident.
  • This article looks at the healthcare industry but contains relevant information for all industries.

5 Steps for the Boardroom Community to Address Heightened Privacy and Cyber Risk Oversight

Article Link:

  • This article highlights the importance of communicating privacy and cyber risk to organizational leadership, whether it be a board or different reporting body.
  • 5 key points from this article include ensuring some level of adequate privacy and cyber competence exists, executing a leadership-level strategy for data risk governance and resilience, contextualizing cyber risk to financial exposure, ensuring that leadership is educated enough to meaningfully participate in discussions, and looking at the big picture related to risk.

Securing Your Organization Against Phishing can Cost up to $85 per Email

Article Link:

  • Phishing-related activities are consuming a third of the total time available to IT and security teams and costing organizations anywhere between $2.84 and $85.33 per phishing email, according to a new report by Osterman Research.
  • The average cost per phishing email is calculated by taking the midpoint between the range of the number of minutes, multiplied by the average hourly rate, reviewing benefit averages as well. The report noted that 70% of organizations spend 16-60 minutes on each phishing email, resulting in the range being between $2.84 and $85.33.
  • On average, phishing-related activities consume one-third of the working hours available each week for the IT and security teams at their organization. This equates to $45,726 in salary and benefits paid per IT and security professional to handle phishing, the report noted.
  • Osterman Research report:

The Black Market for Blue Checks

Article Link:

  • A verification badge adds a stamp of authenticity, and scammers with verified social media profiles can attract stronger attention and have a higher impact when trying to manipulate users.
  • Many hackers trying to get verified accounts start by running credential stuffing attacks, before switching to phishing on various platforms in an attempt to gain access to victims’ accounts.
  • Overall, these phishing attempts prey on users’ psychological belief that verification means legitimacy.

Cybersecurity Awareness Month: Eight Security Insights That You Should Know

Article Link:

  • This article provides information on what to be aware of as cyber threats become increasingly more prevalent. The bottom line is that while threats may look different, the methods for breaches will continue to likely either be as a result of social engineering or unpatched software.
  • The article notes that several important steps in securing organizations include securing network access, solidifying storage and backups, plugging internal threats – both accidental and intentional insider threats, ransomware detection and prevention, address vulnerability management, and secure email services to limit phishing and other email-related threats.

Reach out to our incident response team for help

More To Explore

Information Security News 6-10-2024

Frontier Warns 750,000 of a Data Breach After Extortion Threats Article Link: ‘Fog’ Ransomware Rolls in to Target Education, Recreation Sectors Article Link:

Information Security News 6-3-2024

Snowflake Data Breach Impacts Ticketmaster, Other Organizations Article Link: 2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx Article Link: LastPass

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.