Page 16 - Threat Intelligence 10-28-2019
P. 16

Threat Alerts




           And Advisories








            FBI Releases Article on Defending Against E-Skimming
            The Federal Bureau of Investigation (FBI) has released an article to raise awareness on e-skimming
            threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or
            debit card data or personally identifiable information (PII).
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages businesses and agencies that
            take online payments to review the FBI article and consider the following tips to help protect against e-
            skimming:
                   • Keep software updated.
                   • Change default credentials and create strong, unique passwords on all systems.
                   • Implement multi-factor authentication.
                   • Do not click on links, and be wary of email attachments in messages.
                   • Segment and segregate networks and functions.


            Beware of Stalking Apps
            The Federal Trade Commission (FTC) has released an article warning consumers of “stalking apps”—
            spyware that secretly monitors smartphones. These apps can share information like call history, text
            messages, photos, GPS locations, and browser history without the user's knowledge. Although this can
            be a useful tool, stalking apps can also be used maliciously.
            Smartphone users who suspect an illegitimate stalking app on their device should consider the following
            steps:
                   •Use a rootchecker app to see if the phone is “jailbroken” or modified to allow unrestricted
                   access to the entire file system.
                   •Get a new device or remove the stalking app by factory resetting the smartphone and
                   reinstalling the manufacturer’s operating system.
                   •Get help. Law enforcement can determine if spyware is on your phone.

            Google Releases Security Updates for Chrome
            Google has released Chrome version 78.0.3904.70 for Windows, Mac, and Linux. This version addresses
            vulnerabilities that an attacker could exploit to take control of an affected system.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
            review the Chrome Release and apply the necessary updates.


            Mozilla Releases Security Updates for Firefox and Firefox ESR
            Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker
            could exploit some of these vulnerabilities to take control of an affected system.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
            review the Mozilla Security Advisories for Firefox 70 and Firefox ESR 68.2.









                                                    www.accumepartners.com
                                                                                                                    16
   11   12   13   14   15   16   17   18   19   20