This Week in Cybersecurity News
Enterprise, Cloud Services Exposed as Vulnerable to Logjam by Charlie Osborne, ZDNet
Thousands of HTTPS websites, mail servers and other services reliant on the Diffie-Hellman key exchange algorithm could be vulnerable to a security flaw known as Logjam. Cryptographic weaknesses with the algorithm allow for man-in-the-middle cyberattacks as well as the degradation of TLS and encrypted communications.
Cyberattack on CareFirst Exposes Data on 1.1 Million Customers in D.C., Md. and Va. by Andrea Peterson, Washington Post
CareFirst BlueCross BlueShield was the victim of a data breach that compromised the information of 1.1 million current and former customers. The breach occurred in June 2014. The database breached by the attackers included usernames, names, birth dates, e-mail addresses and subscriber identification numbers but did not include Social Security numbers, medical claims, employment, credit card or financial information.
Scammers Target Oil Companies with Sneaky Attack by Adam Greenberg, SC Magazine
Threat actors are using stolen credentials at an oil company to obtain proof of product documentation forms that can be used to get up to $100,000 in advance of an alleged exchange. The threat actors are obtaining the credentials through a phishing campaign that includes a PDF loaded with a self-extractor file. Ten impacted companies have been found in the oil and gas maritime transportation sector, located in Spain, Germany, U.K., Italy, Belgium, China and Singapore.
Retailers Take 197 Days to Detect Advanced Threat, Study Says by Sara Peters, Dark Reading
A new report found that retailers take 197 days on average to identify that they have been hit with an advanced threat, and once it was identified, it took 39 days to contain it. Financial services organizations took 98 and 26 days, respectively. Respondents to the survey did not have high confidence in their ability to detect and contain threats, with only 58 percent of financial services organizations saying technology and personnel were effective at detecting advanced threats.
Critical Vulnerability in NetUSB Driver Exposes Millions of Routers to Hacking by Lucian Constantin, IDG News Service
A new vulnerability located in a service called NetUSB, which allows devices connected over USB to a computer to be shared with other machines on the local network, could impact millions of routers. NetUSB is implemented in Linux-based embedded systems as a kernel driver. If a connecting computer has a name longer than 64 characters, it triggers a stack buffer overflow in the NetUSB service, which can result in remote code execution or denial of service.
ICYMI Threat Geek Post of the Week: LogJam: Reactions from Fidelis Threat Researchers by Jim Jaeger