The Briefing – WK45 2020
Curated for business leaders, small business owners and security staffers; The Briefing is a compact summary of noteworthy security stories impacting global business sectors and industries prevalent across the Caribbean Region.
GLOBAL NEWS
Britain Fines US Hotel Chain Marriott Over Data Breach:Â
The UK Information Commissioner’s Office fined Marriott £18.4 million ($23.5 million, 20.1 million euros) for data breaches of personal information such as names, email addresses, phone numbers, unencrypted passport numbers, arrival/departure information, guests’ VIP status and loyalty programme membership numbers since March 2018.
Over 12% of ICS Security Incidents Attributed to Nation-State Hackers:
A survey of over 600 people conducted by (CS)2AI revealed that while most ICS security incidents are caused by negligent insiders, over 12% of incidents have been attributed to nation-state actors.
U.S. Says Iranian Hackers Accessed Voter Information:Â
CISA and the FBI have issued an alert to warn that an Iranian threat actor recently accessed voter registration data. They state that Iranian hackers targeted known vulnerabilities in VPN products and content management systems – including CVE-2020-5902 (Remote Code Execution in F5 BIG-IP) and CVE-2017-9248 (XSS in Telerik UI). The hackers installed the Acunetix vulnerability scanner to discover the vulnerabilities. The stolen data was used to send intimidation emails in at least four different US states.
CARIBSOC advises organisations to corroborate all data and information as a matter of course when determining impacts to their staff & infrastructure.