Yet Another Security Blog

  Summary A lot of activity in the general SCADA world as well as healthcare, education, and city government.  We also have news of legislation as the budget year ramps up for its start of the year activities.   News IBM's Cost of Data Breach report for 2022 has been released.  It indicates that last year the average cost of a data breach is $4.35 million.  It also reports that 83% of the organizations in the report have been a victim more than once.  80% of infrastructure organizations did not have a zero trust model in place.  Also of note is that paying the ransom only saved about $600,000 overall as most of the costs are associated with civil suits and addressing the fallout of the incident.   https://cyware.com/news/ibm-2022-report-cost-of-a-data-breach-at-an-all-time-high-9303d2b3 https://newsroom.ibm.com/2022-07-27-IBM-Report-Consumers-Pay-the-Price-as-Data-Breach-Costs-Reach-All-Time-High SLTT There has been a data breach of the ...

  Summary I am experimenting with releases on Mondays.  We will see how this works. Continues to be pretty slow news on the SLTT and Infrastructure fronts.  The biggest newsmaker was MI5 and the FBI giving a joint warning about China's efforts to steal intellectual property from the West. News In a first-of-its-kind announcement, Great Britain's MI5 and the United States' FBI have released a joint warning on China's threat to industry and academia.  They pointed out that Communist China leaders have made establishing China as a world economic powerhouse by acquiring intellectual property from the rest of the world a primary goal.  The FBI in particular has been warning of this in recent years as they have made several high-profile arrests that I have covered in previous posts.   https://www.infosecurity-magazine.com/news/fbi-mi5-bosses-warn-massive-china/?&web_view=true https://www.theguardian.com/world/2022/jul/06/fbi-mi5-china-spying-cyberattacks...

  Summary Mostly SCADA stuff the last two weeks.  It seems that the bad guys like to coordinate and cycle.  On a positive note, Biden signed 2 cybersecurity bills in to law! News SCADA/IOC general Researchers with Forescout have announced 56 issues in 26 devices from 10 different companies (enough numbers for you?).  They have named the collective issues  OT:ICEFALL (link below).  The devices all suffer from poor design practices that made them insecure out of the box.  To keep from having more numbers, I will reframe from too deep a dive into the different issues, but if you have any of the affected devices, you should remediate them to the best of your ability. ( https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEj0y073EMjXAssRTlpNziUUmiFxyzSK0i0GB-nY48yG2x90XiNqXt2YfNYZ2DAc4zpyvKeU1vSUF7Z1Cior65QiVpZMGgYkgY-tIIVdDaPQ5uGwlssXoIwzydDptaGdUGjlKfgqI-mfr4qxyu3LxmBrCNcLzdTaETnJIqay2H1tgZEuITeT3Hf1U2l_/s728-e100/flaws.jpg ) Here are the CVE's so it ...

 Summary Not a lot of regular news, but we had both the Verizon and Sophos annual reports came out. News The Verizon Data Breach Investigations Report for 2022 indicated that while the education sector continues to be a favorite target, the motivator is mostly financial (somewhat confirming the Sophos report) and Medical Data is actually the least sought after.  The largest sector they indicated as a target was Professional, followed closely matched Finance, Information Technology, Manufacturing, and Public Administration.   https://cyware.com/news/education-sector-under-constant-cyberattacks-f2fbd34f https://www.verizon.com/business/resources/reports/dbir/ Education The FBI issued an alert that they have become aware of cybercriminals selling usernames and passwords from university breaches.  The sales are occurring on a variety of dark websites.  The biggest takeaway for me was that just because you recover from an initial attack it does not mean it is ov...

Summary Hopefully, these will be a bit more regular now that the semester is over.   We are seeing attacks against all infrastructure areas increasing.  This week's report has school breaches, SLTT breaches, SCADA news, and several healthcare attacks. News SLTT Texas Department of Transportation had a data breach that impacted over 7,000 records.  This included employee information with PII including Social Security Numbers (SSN).   https://www.databreaches.net/another-texas-state-agency-data-breach-this-time-its-the-department-of-transportation/?web_view=true The Texas Department of Insurance (TDI) announced that 1.9 million people in the state who filed claims for compensation had their information publically available from March 2019 to January 2022.  https://www.infosecurity-magazine.com/news/personal-information-two-million/?&web_view=true https://www.tdi.texas.gov/news/2022/tdi03242022.html https://www.tdi.texas.gov/data-security-event/additi...