Friday Five 1/13
Security concerns caused by new and aging technology, proposed compliance updates, and social engineering attacks took the top headlines this week. Catch up on all of these stories and more in this week's Friday Five!
1. A FIFTH OF PASSWORDS USED BY FEDERAL AGENCY CRACKED IN SECURITY AUDIT BY DAN GOODIN
In a recent security audit of the US Department of the Interior, the department's inspector general found that more than a fifth of the passwords protecting its network accounts (including Password1234, Password1234!, and ChangeItN0w!) were weak enough to be cracked using standard methods. The audit also found that the department had failed to consistently implement multi-factor authentication (MFA), a failure that extended to 89% of its high-value assets. According to the final inspection report, “it is likely that if a well-resourced attacker were to capture Department AD password hashes, the attacker would have achieved a success rate similar to [the inspector general] in cracking the hashes.”
2. FCC PROPOSES STRONGER DATA BREACH RULES, FASTER NOTIFICATIONS FOR TELECOMS BY TONYA RILEY
The Federal Communications Commission on Friday launched a process to update its rules for how quickly telecommunication carriers notify consumers about breaches of sensitive information. The proposed update would require carriers to report breaches to law enforcement as soon as intrusions are discovered and to notify consumers immediately as well, unless otherwise advised by authorities. Current FCC rules require that carriers that have more than 5,000 customers notify the FCC of a data breach within seven days of discovery, while breaches affecting fewer than 5,000 customers must be reported no later than 30 days. Learn more about the newly proposed rule over at CyberScoop.
3. FAA OUTAGE THAT GROUNDED FLIGHTS BLAMED ON OLD TECH AND DAMAGED DATABASE FILE BY JON BRODKIN
The outage of the FAA's Notice to Air Missions (NOTAM) system, which led to the mass grounding of flights in the U.S. this past week, was reportedly caused by a damaged database file, according to a recent FAA statement. The administration claims that there is still no evidence of a cyberattack. A CNN source close to the situation blamed the outage on old infrastructure, claiming that "because of budgetary concerns and flexibility of budget, [a] tech refresh has been pushed off." Read more about the NOTAM, its complexity, and why it took so long to return to normal operations.
4. ATTACKERS ARE ALREADY EXPLOITING CHATGPT TO WRITE MALICIOUS CODE BY JAI VIJAYAN
Researchers from Check Point Research (CPR) have reportedly spotted at least three instances where black hat hackers have demonstrated how they successfully leveraged ChatGPT’s capabilities for malicious purposes. In these instances, hackers were able to recreate the code for a known Python-based information stealer, generate a Python script that could be tweaked to create ransomware, and create an automated dark web marketplace. Read more about experts' concerns over ChatGPT in the full story from Dark Reading.
5. 'COPYRIGHT INFRINGEMENT' LURE USED FOR FACEBOOK CREDENTIAL HARVESTING BY NATHAN EDDY
According to a recent report, hackers are leveraging Facebook copyright infringement notices to steal enterprise credentials. The social engineering attack reportedly sends users an email warning that, because their page has uploaded a photo violating Facebook’s copyright infringement policy, the account will be permanently suspended unless they click on a link to appeal the decision. According to the report, the phishing emails are "fairly believable" apart from the sender's address, making them convincing enough to fool employees whose organizations rely heavily on Facebook advertising.