Information Security News 11-6-2023


American Airlines Pilot Union Hit by Ransomware Attack

Article Link: https://www.bleepingcomputer.com/news/security/american-airlines-pilot-union-hit-by-ransomware-attack/

  • Allied Pilots Association (APA), a labor union representing 15,000 American Airlines pilots, disclosed a ransomware attack that hit its systems on October 30th. The union has already launched an investigation to assess the full extent of the incident.
  • The APA has not yet disclosed what data was impacted or attributed the attack to any ransomware operators, and it is still working to restore full system functionality.
  • In addition to the APA breach, the article highlighted how American Airlines pilots have been involved in several data breaches over the last three years.

Cybersecurity Workforce Shortages: 67% Report People Deficits

Article Link: https://www.helpnetsecurity.com/2023/11/02/cybersecurity-workforce-shortages-isc2/

  • According to a report by ISC2, the global cybersecurity workforce has reached its highest level ever, at an estimated 5.5 million people within the industry. However, despite the industry growth, an estimated 4 million cybersecurity professionals are still needed to adequately safeguard digital assets.
  • Among other resources referenced to develop the report, ISC2 conducted a survey of nearly 15,000 cybersecurity practitioners from across the globe to gain insight on industry trends.
  • The report’s study component had several key statistics: 52% of respondents believe that their organization has adequate people and tools to respond to incidents, 67% reported having cybersecurity staff shortages, 92% reported skill gaps, and 71% agreed that periods of economic uncertainty increase the risk of malicious insiders.
  • The report also highlighted the importance of organizations investing in the skills development of employees already in security roles as a means of addressing the cybersecurity skill gap.
  • Link to ISC2’s Report: https://www.isc2.org/Insights/2023/11/ISC2-Cybersecurity-Workforce-Study-Looking-Deeper-into-the-Workforce-Gap

Threat Prevention Begins with IT & Security Team Collaboration

Article Link: https://www.darkreading.com/vulnerabilities-threats/threat-prevention-begins-with-it-security-team-collaboration

  • As the threat landscape evolves, cybersecurity responsibilities are increasingly shared between those in security roles and other departments like IT and finance.
  • Personnel from various departments can balance one another out by leveraging their unique perspectives to contribute to information security initiatives, guided by key leaders like CISOs.
  • As the article emphasizes, seamless communication across teams is vital for more effective collaboration on cybersecurity-related tasks. In addition to other initiatives, greater collaboration can help with crisis plan development, remote work security, and understanding the interdependencies between the goals of different departments.

White House Executive Order on AI Provides Guidelines for AI Privacy and Safety

Article Link: https://www.techrepublic.com/article/white-house-executive-order-ai-privacy/

Google Play Adds Security Audit Badges for Android VPN Apps

Article Link: https://www.bleepingcomputer.com/news/security/google-play-adds-security-audit-badges-for-android-vpn-apps/

  • The Google Play Store now includes a banner stating whether VPN applications have received independent security reviews. The initial wave of banners will only exist for VPN applications, as Google considers these applications critical for user privacy and security.
  • The independent security reviews leverage the App Defense Alliance’s (ADA) Mobile App Security Assessment (MASA) to review the security of applications across six domains.
  • The goal of the banner is to add security and privacy information to the “Data Safety” section in the details of applications on the Google Play Store.
  • The banner will likely expand to other applications in addition to VPNs; however, there has yet to be additional information on this potential initiative.
  • Link to ADA’s MASA: https://appdefensealliance.dev/masa
  • Link to the MASA Requirements: https://github.com/appdefensealliance/ASA/blob/main/MobileAppSecurityAssessment/MobileSecurityGuide.md

New CVSS 4.0 Vulnerability Severity Rating Standard Released

Article Link: https://www.bleepingcomputer.com/news/security/new-cvss-40-vulnerability-severity-rating-standard-released/

  • Recently, the Forum of Incident Response and Security Teams (FIRST) released CVSS version 4.0, the next version of its Common Vulnerability Scoring System standard.
  • Version 4.0 offers a variety of enhancements including improving the effectiveness of assessing environment-specific security requirements and compensating controls, considering vulnerabilities to OT, ICS, and IoT systems, and other valuable metrics.
  • While CVSS 4.0 helps prioritize response to security threats and vulnerabilities, it should not be used as the sole method for assessing and addressing organizational risk, but as one of several tools to gain a holistic understanding of risk.
  • Link to version 4.0 Details: https://www.first.org/cvss/v4-0/

Logging Made Easy: Free Log Management Solution from CISA

Article Link: https://www.helpnetsecurity.com/2023/10/30/logging-made-easy-lme-free-log-management/

  • Recently, CISA released the free “Logging Made Easy” log collection tool for organizations to download and utilize within their environments.
  • The tool allows users to see where administrative commands are being run on enrolled devices, see who is using what machine, and reference threat reports to query for the presence of attacker TTPs. Ultimately, the tool is meant for organizations that want to collect logs but lack the resources to effectively do so.
  • The article lists several other similar open-source tools that could be considered in addition to the LME tool released by CISA.
  • Link to CISA’s Announcement: https://www.cisa.gov/resources-tools/services/logging-made-easy
  • Link to the LME Tool: https://github.com/cisagov/LME

