
Friday Five: Sitting Ducks on the Rise, Biden’s Disputed Cyber Legacy, & More

by Robbie Araiza on Friday August 2, 2024


As attacks once considered theoretical come to the forefront, organizations are still struggling to recover from the major CrowdStrike outage, NIST's vulnerability backlog remains a concern, and more. Catch up on the week's top stories in this Friday Five.

SITTING DUCKS DNS ATTACKS LET HACKERS HIJACK OVER 35,000 DOMAINS BY BILL TOULAS

Threat actors have hijacked over 35,000 domains in "Sitting Ducks" attacks, exploiting registrar configuration issues and insufficient ownership verification at DNS providers. The method lets cybercriminals claim domains without access to the owner's account by taking advantage of lame delegation and weak domain-claiming processes. Russian cybercriminal groups have used this vector for spam, scams, malware, phishing, and data exfiltration since 2018. Researchers report at least 35,000 cases, with some domains hijacked repeatedly. To defend against these attacks, domain owners should review their DNS configurations, registrars should check for lame delegations, and regulators must enforce stricter DNS security standards.
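The "review DNS configurations" advice above comes down to one check: does every nameserver the parent zone delegates to actually answer authoritatively for the domain? The following audit is an added example, not code from the article or the researchers; it injects the resolver so it runs offline, and every domain name and answer in it is constructed for illustration.

```python
"""Audit a domain's delegation for lame nameservers, the precondition of a
"Sitting Ducks" hijack.  A delegation is lame when a nameserver listed in the
parent zone (the registrar side) does not answer authoritatively for the zone.
Resolution is injected so the audit runs offline; all data here is constructed."""
from dataclasses import dataclass
from typing import Callable, Iterable

@dataclass(frozen=True)
class SoaAnswer:
    rcode: str           # NOERROR, REFUSED, SERVFAIL, NXDOMAIN, TIMEOUT ...
    authoritative: bool  # AA flag set in the response

Resolver = Callable[[str, str], SoaAnswer]  # (nameserver, zone) -> answer

def is_lame(answer: SoaAnswer) -> bool:
    """A nameserver is lame for the zone unless it answers NOERROR with AA set."""
    return not (answer.rcode == "NOERROR" and answer.authoritative)

def find_lame_delegations(zone: str, parent_ns: Iterable[str],
                          resolve: Resolver) -> list[dict]:
    """One finding per lame nameserver.  A lame nameserver that lives under a
    different domain (a third-party DNS provider) is the case the article
    describes, because the zone may be claimable at that provider, so it is
    marked high; a lame in-zone server is an outage, not a takeover path."""
    findings = []
    zone = zone.rstrip(".").lower()
    for ns in parent_ns:
        ns_name = ns.rstrip(".").lower()
        answer = resolve(ns_name, zone)
        if not is_lame(answer):
            continue
        in_bailiwick = ns_name == zone or ns_name.endswith("." + zone)
        findings.append({"nameserver": ns_name, "rcode": answer.rcode,
                         "severity": "low" if in_bailiwick else "high"})
    return findings

# Constructed delegation: two nameservers at a third-party provider, one of
# which no longer hosts the zone (REFUSED), plus an in-zone server that is down.
CONSTRUCTED_PARENT_NS = ["ns1.dns-provider.example.", "ns2.dns-provider.example.",
                         "ns0.victim.example."]
CONSTRUCTED_ANSWERS = {
    ("ns1.dns-provider.example", "victim.example"): SoaAnswer("NOERROR", True),
    ("ns2.dns-provider.example", "victim.example"): SoaAnswer("REFUSED", False),
    ("ns0.victim.example", "victim.example"): SoaAnswer("TIMEOUT", False),
}

def constructed_resolver(ns: str, zone: str) -> SoaAnswer:
    return CONSTRUCTED_ANSWERS.get((ns, zone), SoaAnswer("TIMEOUT", False))

def audit_constructed_example() -> list[dict]:
    return find_lame_delegations("victim.example", CONSTRUCTED_PARENT_NS,
                                 constructed_resolver)
```

In a live run, replace `constructed_resolver` with a function that sends an SOA query for the zone directly to each nameserver and reports the response code and AA flag; a high-severity finding means the registrar-side NS set should be corrected or the zone re-created at the provider before anyone else does.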


NIST MAY NOT RESOLVE VULNERABILITY DATABASE BACKLOG UNTIL EARLY 2025, ANALYSIS SHOWS BY DAVID DIMOLFETTA

NIST's National Vulnerability Database (NVD) has had a significant backlog of unanalyzed cybersecurity vulnerabilities since February, with current projections suggesting that upwards of 30,000 vulnerabilities won't be cleared until early 2025. While recent improvements have increased the daily processing rate from 223 to 332 vulnerabilities, it's uncertain whether that rate will continue to improve. The backlog is being addressed in coordination with CISA, but the effort has not yet been fully implemented. Meanwhile, NIST has contracted a third party to help address the issue, aiming to process 217 vulnerabilities daily. Despite an 8% budget cut for the next fiscal year, the database remains a critical tool for cybersecurity research and machine learning applications.


BIDEN’S CYBERSECURITY LEGACY: ‘A BIG SHIFT’ TO PRIVATE SECTOR RESPONSIBILITY BY TIM STARKS

The Biden administration has shifted cybersecurity policy to place the burden of protection on the private sector, particularly the companies that build and operate critical infrastructure. This strategy, affecting 16 critical infrastructure sectors, includes new regulations and voluntary efforts. The administration's approach began with an executive order and gained momentum after major cyberattacks in 2021. Regulations have since expanded across various sectors, including pipelines, air and rail carriers, and financial disclosures. The approach has faced both industry resistance and legal challenges, but it aims to improve cybersecurity standards and resilience. Despite some criticisms, aspects of the policy are expected to persist regardless of the outcome of the next election.


CYBER BILLS ON FEDERAL REGS, HEALTH SECURITY AND WORKFORCE CLEAR SENATE PANEL BY MATT BRACKEN

The Senate Homeland Security and Governmental Affairs Committee approved three bipartisan cybersecurity bills, moving them to the full Senate. The Streamlining Federal Cybersecurity Regulations Act aims to harmonize federal cyber rules for the private sector by identifying and updating overly burdensome regulations. The Healthcare Cybersecurity Act mandates collaboration between the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services to enhance cyber defenses in the healthcare sector. Lastly, the Federal Cyber Workforce Training Act focuses on developing a centralized resource and training center for federal cybersecurity workforce development, leveraging academia for training. Despite one dissenting vote from Sen. Rand Paul due to budget concerns, the bills passed with strong support.


COMPANIES STRUGGLE TO RECOVER FROM CROWDSTRIKE'S CRIPPLING FALCON UPDATE BY ROBERT LEMOS

A CrowdStrike update caused significant disruptions for 8.5 million Windows computers, impacting healthcare, airlines, and other sectors. Healthcare was notably affected, with many systems still awaiting recovery. Automated tools and scripts have helped, but manual intervention is often required, especially for Windows-based medical devices. Microsoft additionally released a USB Recovery Tool to aid in recovery efforts. While 97% of affected systems are active again, small businesses and hard-to-patch systems still face issues. The outage's financial impact is estimated at a whopping $5.4 billion, affecting Fortune 500 companies and critical sectors like healthcare and banking.


Tags:  Vulnerabilities Legislation
