American Airlines Pilot Union Hit by Ransomware Attack
Article Link: https://www.bleepingcomputer.com/news/security/american-airlines-pilot-union-hit-by-ransomware-attack/
- Allied Pilots Association (APA), a labor union representing 15,000 American Airlines pilots, disclosed a ransomware attack that hit its systems on October 30th. The union has already launched an investigation to assess the full extent of the incident.
- Currently, the APA hasn’t disclosed what data was impacted or attributed the attack to any ransomware operators. Likewise, the APA is still currently working to restore full system functionality.
- In addition to the APA breach, the article highlighted how American Airlines pilots have been involved in several data breaches over the last three years.
Cybersecurity Workforce Shortages: 67% Report People Deficits
Article Link: https://www.helpnetsecurity.com/2023/11/02/cybersecurity-workforce-shortages-isc2/
- According to a report by ISC2, the global cybersecurity workforce has reached its highest level ever, at an estimated 5.5 million people within the industry. However, despite this growth, an estimated 4 million additional cybersecurity professionals are still needed to adequately safeguard digital assets.
- Among other resources referenced to develop the report, ISC2 conducted a survey of nearly 15,000 cybersecurity practitioners from across the globe to gain insight on industry trends.
- The report’s study component had several key statistics: 52% of respondents believe that their organization has adequate people and tools to respond to incidents, 67% reported cybersecurity staff shortages, 92% reported skill gaps, and 71% agreed that periods of economic uncertainty increase the risk of malicious insiders.
- The report also highlighted the importance of organizations investing in the skills development of employees already in security roles as a means of addressing the cybersecurity skill gap.
- Link to ISC2’s Report: https://www.isc2.org/Insights/2023/11/ISC2-Cybersecurity-Workforce-Study-Looking-Deeper-into-the-Workforce-Gap
Threat Prevention Begins with IT & Security Team Collaboration
Article Link: https://www.darkreading.com/vulnerabilities-threats/threat-prevention-begins-with-it-security-team-collaboration
- As the threat landscape evolves, cybersecurity responsibilities increasingly overlap between those in security roles and other departments like IT and finance.
- Personnel from various departments can balance one another out by leveraging their unique perspectives to contribute to information security initiatives, guided by key leaders like CISOs.
- As the article emphasizes, seamless communication across teams is vital for more effective collaboration on cybersecurity-related tasks. In addition to other initiatives, greater collaboration can help with crisis plan development, remote work security, and understanding the interdependencies between the goals of different departments.
White House Executive Order on AI Provides Guidelines for AI Privacy and Safety
Article Link: https://www.techrepublic.com/article/white-house-executive-order-ai-privacy/
- Recently, President Biden released an Executive Order on the use and regulation of artificial intelligence (AI). The Executive Order isn’t a law but does offer some level of guidance for Federal agencies to engage with AI.
- The Executive Order covers safety and security, privacy, equity and civil rights, how AI will be used in healthcare and education, and more identified in the article.
- The Executive Order also coincides with the recently released 11-point voluntary AI Code of Conduct, which was agreed to by the G7 (U.S., U.K., Canada, France, Germany, Italy, and Japan).
- Link to the Executive Order: https://www.whitehouse.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/
- Link to the White House’s Fact Sheet: https://www.whitehouse.gov/briefing-room/statements-releases/2023/10/30/fact-sheet-president-biden-issues-executive-order-on-safe-secure-and-trustworthy-artificial-intelligence/
- Link to the AI Code of Conduct: https://www.techrepublic.com/article/g7-countries-ai-code-conduct/
Google Play Adds Security Audit Badges for Android VPN Apps
Article Link: https://www.bleepingcomputer.com/news/security/google-play-adds-security-audit-badges-for-android-vpn-apps/
- The Google Play Store is now including a banner stating if VPN applications have received independent security reviews. The initial wave of banners will only exist for VPN applications as Google considers these applications critical for user privacy and security.
- The independent security reviews leverage the App Defense Alliance’s (ADA) Mobile App Security Assessment (MASA) to review the security of applications across six domains.
- The goal of the banner is to add additional security and privacy information to the “Data Safety” section in the details of applications on the Google Play Store.
- The banner will likely expand to other applications in addition to VPNs; however, there has yet to be additional information on this potential initiative.
- Link to ADA’s MASA: https://appdefensealliance.dev/masa
- Link to the MASA Requirements: https://github.com/appdefensealliance/ASA/blob/main/MobileAppSecurityAssessment/MobileSecurityGuide.md
New CVSS 4.0 Vulnerability Severity Rating Standard Released
Article Link: https://www.bleepingcomputer.com/news/security/new-cvss-40-vulnerability-severity-rating-standard-released/
- Recently, the Forum of Incident Response and Security Teams (FIRST) released CVSS version 4.0, the next version of its Common Vulnerability Scoring System standard.
- Version 4.0 offers a variety of enhancements, including more effective assessment of environment-specific security requirements and compensating controls, consideration of vulnerabilities in OT, ICS, and IoT systems, and other valuable metrics.
- While CVSS 4.0 helps prioritize response to security threats and vulnerabilities, it should not be used as the sole method for assessing and addressing organizational risk, but rather as one of several tools for gaining a holistic understanding of risk.
- Link to version 4.0 Details: https://www.first.org/cvss/v4-0/
Logging Made Easy: Free Log Management Solution from CISA
Article Link: https://www.helpnetsecurity.com/2023/10/30/logging-made-easy-lme-free-log-management/
- Recently, CISA released the free “Logging Made Easy” log collection tool for organizations to download and utilize within their environments.
- The tool allows users to see where administrative commands are being run on enrolled devices, see who is using which machine, and reference threat reports to query for the presence of attacker TTPs. Ultimately, the tool is meant for organizations that want to collect logs but lack the resources to do so effectively.
- The article lists several other similar open-source tools that could be considered in addition to the LME tool released by CISA.
- Link to CISA’s Announcement: https://www.cisa.gov/resources-tools/services/logging-made-easy
- Link to the LME Tool: https://github.com/cisagov/LME