Cyber Defense eMagazine July 2020 Edition

More documents

Recommendations

Info

COVID-19 And the Easyjet Hack - A Perfect Phishing Storm By Shachar Daniel, Safe-T’s CEO As if the airline industry didn’t have enough to worry about at the moment, on May 19, EasyJet, the UK’s biggest budget airline announced it had been breached. Exposed in the attack were the email addresses and travel information for 9 million customers. A small group of customers also had their credit card details, including the CVV, exposed in the attack which lasted from October 2019-March 2020. Although EasyJet first learned about the attack in January, they only began informing those customers whose credit card information was exposed in April. The airline said they did not disclose the attack earlier due to the complexity involved in piecing together which systems and which individuals had been affected. According to the UK's Information Commissioner's Office, “This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted." Bad Timing - COVID-19 and Airline Scams The EasyJet hack just happens to come at a spectacularly rotten time, as airlines around the world, EasyJet included, are dealing with severe losses due to COVID-19. According to Dr Jason Nurse of the Kent Interdisciplinary Research Center, “It is clearly a difficult time for the travel industry considering the impact of COVID-19 on operations. A cyber-attack is the last thing an airline would want to deal with now.” Cyber Defense eMagazine –July 2020 Edition 78 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
To make matters even more complicated, authorities have warned customers to be on the lookout for phishing emails offering refunds on flights, now that their personal details may be up for grabs on the darkweb. According to privacy expert Ray Walsh, "Anybody who has ever purchased an EasyJet flight is advised to be extremely wary when opening emails from now on...Phishing emails that leverage data stolen during the attack could be used as an attack vector at any point in the future.” In fact, a recent statement from EasyJet compelled customers to think critically when opening EasyJet emails, saying "We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays." But EasyJet was not the only airline to have phishing campaigns associated with it over the course of the pandemic. As the impact of COVID-19 began to take hold in late March and airlines started canceling flights, Emirates Airlines warned customers about circulating fake flight refund emails and email security provider Mimecast alerted authorities to a major uptick in flight-related email scams involving a variety of airlines. Other security firms noted a rise in voice-based flight cancellation scams, wherein scammers, posing as airline agents, called random people to discuss purported flight cancellations, and in the process, tried extracting personal information. And now, as airlines across the world attempt to cut their losses, they are offering heavy discounts on flights, for whenever regular flights do resume. As inboxes fill up with enticing promotions offering deals on future flights, customers should remember that while many of these emails are legitimate, a significant portion are phishing emails, cashing in on the confusion created in COVID-19. How to Spot a Travel-Based Phishing Email Meanwhile, it’s important to note that since travel information was included in the stolen EasyJet data set, phishing emails sent to those customers may be highly targeted and include real elements, like dates and destinations, making the emails seem legitimate. If your data was exposed in the EasyJet hack, there are some relatively simple ways to protect yourself from falling prey to the ensuing phishing threats. What’s more, these tips can be just as easily applied to any trending COVID-19 airline email scams out there today. So when you get flight promotions or cancellation notices, be sure to: - Look at the sender's email address - does it match the name of the airline or is it slightly off? For example, if it says EasyJetTravel.com, JetBlueFlights.com, or SouthWestTickets.com, you can rest assured it’s a scam. - - Avoid any email requesting personal information, such as credit card information, dates of birth, or social security numbers. - - Delete messages that include links or attachments, which are often filled with malware payloads. Cyber Defense eMagazine –July 2020 Edition 79 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Security, Convenience & Privacy: A
Page 3 and 4:
IOT Security Embedded in Memory Car
Page 5 and 6:
@MILIEFSKY From the Publisher… Ne
Page 7 and 8:
Welcome to CDM’s July 2020 Issue
Page 9 and 10:
Cyber Defense eMagazine -July 2020
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Your website could be vulnerable to
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Industry giants have chosen to appr
Page 27 and 28: emotely is governed correctly via u
Page 29 and 30: 3 Practices to Avoid Security Risk
Page 31 and 32: Simplifying personal endpoint devic
Page 33 and 34: What can you do to protect your wor
Page 35 and 36: System Updates / Antivirus Security
Page 37 and 38: access to remote employees, and thi
Page 39 and 40: Organizations: It’s Time to Rethi
Page 41 and 42: While newer technologies, such as a
Page 43 and 44: database included 3,000+ email addr
Page 45 and 46: It is impossible to know whether Jo
Page 47 and 48: to prioritize higher-risk employees
Page 49 and 50: About the Author David Sanders is D
Page 51 and 52: On the other hand, buying a SOC sol
Page 53 and 54: In 2020, SOCs Are Understaffed Yet
Page 55 and 56: Figure 2: SOC leaders believe that
Page 57 and 58: it will create a team that is respo
Page 59 and 60: Figure 6: SOC managers drive metric
Page 61 and 62: • By then, our global cities may
Page 63 and 64: Managing Small Business Cybersecuri
Page 65 and 66: There are multiple risks when emplo
Page 67 and 68: Security in memory card format Swis
Page 69 and 70: About the Author Hubertus Grobbel i
Page 71 and 72: More variants: 439,000 new malware
Page 73 and 74: About the Author Lt. Commander (Ret
Page 75 and 76: What Are the Different Types of Thr
Page 77: Even though DHS recommends using tw
Page 81 and 82: Should We Be Worried About Vehicle
Page 83 and 84: Still, with these cases attracting
Page 85 and 86: Cyber Attacks at Sea: Blinding Wars
Page 87 and 88: North Korean hackers.5 Later this y
Page 89 and 90: 200-300 million for Q3 2017.17 More
Page 91 and 92: About the Author Julien Chesaux is
Page 93 and 94: Why not just keep using a jailbreak
Page 95 and 96: Conclusion Jailbreak-free acquisiti
Page 97 and 98: ut the case is if such a behavior i
Page 99 and 100: How Bad Guys Could Take Advantage o
Page 101 and 102: How it Works Whenever you sign in t
Page 103 and 104: Understanding the Types of Single S
Page 105 and 106: About the Author Ayman is founder o
Page 107 and 108: According to research conducted by
Page 109 and 110: Source: Apple Insider It is also im
Page 111 and 112: Post COVID-19: Cloud, Remote Work a
Page 113 and 114: The Rise of COVID-19 Phishing Attac
Page 115 and 116: Donation Solicitations - The Most D
Page 117 and 118: Post COVID-19: Password Extinction
Page 119 and 120: The Future Of Security - Prediction
Page 121 and 122: Post COVID-19 Cybersecurity and Fut
Page 123 and 124: picture of access in the cloud and
Page 125 and 126: connectivity? To ensure comprehensi
Page 127 and 128: About the Author Stan Lowe,Global C
Page 129 and 130:
For many organizations, the Securit
Page 131 and 132:
Fig 1: AI Meme This article documen
Page 133 and 134:
Fig 3: Screengrab of Crypto’s UI
Page 135 and 136:
hon() Fig 4: Screengrab of Honeypot
Page 137 and 138:
with high-precision and also send k
Page 139 and 140:
References “Security in Computing
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Meet Our Publisher: Gary S. Miliefs
Page 157 and 158:
Free Monthly Cyber Defense eMagazin
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
show all

Cyber Defense eMagazine July 2020 Edition

Create successful ePaper yourself

Delete template?

Save as template?