Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 28. It is Friday December 20, 2019. I am your host Scott Gombar and May the Force Be With You

This podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut. You can visit us at nwajtech.com

Star Wars sites purporting to have pirated versions of the Rise of Skywalker are popping up. The goal of these phishing sites is to install malware. Avoid these sites unless you want to risk a malicious attack.

Other Rise of Skywalker phishing sites are stealing credit/debit card info.

CISA has advised that there is a Drupal update available to address a critical flaw. Update Drupal to 7.69, 8.7.11, or 8.8.1 to prevent remote hackers from compromising web servers.

If you’re using 301 Redirects – Easy Redirect Manager, you'll want to update it immediately to address a critical vulnerability. The vulnerability allows any authenticated user, including subscribers, to modify, delete or create a redirect rule that could potentially take a site down. The latest version is 2.45.

Google Offers Financial Support to Open Source Projects for Cybersecurity

K-12 Cybersecurity Act Introduced to Protect Schools from Ransomware

New Dudell Malware Hides Behind Microsoft Excel Documents

Emotet Malware Uses Greta Thunberg Demonstration Invites as Lure

CMS Blue Button 2.0 Coding Bug Exposed PHI of 10,000 Medicare Beneficiaries

https://www.buzzfeednews.com/article/carolinehaskins1/data-leak-exposes-personal-data-over-3000-ring-camera-users?fbclid=IwAR2HFBEjq98XyEGUTF99rLiKSVYJ4Makl1bcLDtdHEPiVJVaoc6cYo5zAqA

267 million - mostly American - Facebook users' IDs, names and phone numbers are exposed online and shared on the dark web

A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed.

Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believes it belongs to a cybercriminal organization, as opposed to Facebook. Diachenko went to the internet service provider (ISP) managing the IP address of the server so that the access could be removed.

“A database this big is likely to be used for phishing and spam, particularly via SMS,” according to the Thursday report. “Facebook users should be on the lookout for suspicious text messages. Even if the sender knows your name or some basic information about you, be skeptical of any unsolicited messages.”

https://www.theverge.com/2019/12/19/21030114/robocalls-bill-congress-president-trump-sign-law-illegal-fcc-ajit-pai