{"id":27387,"date":"2022-08-24T08:50:21","date_gmt":"2022-08-24T12:50:21","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=499278"},"modified":"2022-08-24T10:06:24","modified_gmt":"2022-08-24T14:06:24","slug":"cyber-security-today-august-24-2022-watch-your-cyber-insurance-coverage-threat-actors-abusing-saas-platforms-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-august-24-2022-watch-your-cyber-insurance-coverage-threat-actors-abusing-saas-platforms-and-more\/","title":{"rendered":"Cyber Security Today, August 24, 2022 \u2013 Watch your cyber insurance coverage, threat actors abusing SaaS platforms and more"},"content":{"rendered":"<p data-ar-index=\"0\">Watch your cyber insurance coverage, threat actors abusing SaaS platforms and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Wednesday, August 24th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"4\"><strong>If your organization can afford<\/strong> the increasingly tough requirements and the cost, cybersecurity insurance is an important component of its risk mitigation strategy. But watch the fine print. The cybersecurity news site called <a href=\"https:\/\/therecord.media\/lloyds-to-forbid-insurers-from-covering-losses-due-to-state-backed-hacks\/\" rel=\"noopener\">The Record reports<\/a> that Lloyds of London, which underwrites the cyber policies of a number of insurance companies, is requiring providers to make it clear it won\u2019t cover damages \u201carising from a war\u201d or state-backed cyberattacks that significantly impair the ability of a state to function. Starting next April policies have to make that clear. The story quotes one insurance firm saying policies already exclude acts of war from coverage. But a university professor is quoted as saying the change almost equates state-backed cyber-attacks \u2014 which are common \u2014 to acts of cyberwar.<\/p>\n<p data-ar-index=\"5\"><strong>Still with cyber insurance,<\/strong> make sure you understand the intricacies of your policy. Consider this recent story.
A Minnesota computer reseller was tricked into wiring nearly US$600,000 to a crook\u2019s bank account. The company made an insurance claim under its social-engineering fraud agreement. However, the damages under that clause were limited to US$100,000. There was a separate clause covering computer fraud where damages could be covered up to US$1 million. The company tried and failed to change its claim. Then it sued the insurance company. Earlier this month a judge dismissed the lawsuit, ruling the incident was in fact social-engineering fraud.<\/p>\n<p data-ar-index=\"6\"><a href=\"https:\/\/www.sans.org\/newsletters\/newsbites\/xxiv-64\/\" rel=\"noopener\">Commentators at the SANS Institute said<\/a> this is an example of why reading the fine print of a policy is important. They also argue that having multifactor authentication would have made it harder for the attacker to compromise the computer company\u2019s purchasing manager, where this scam started. And not having a formal company payment approval process was a contributing factor to the scam.<\/p>\n<p data-ar-index=\"7\"><strong>Software-as-a-service platforms<\/strong> like website builders, file sharing sites, note-taking sites, design prototyping and form builders need to tighten their security, <a href=\"https:\/\/unit42.paloaltonetworks.com\/platform-abuse-phishing\/\" rel=\"noopener\">say researchers at Palo Alto Networks.<\/a> That\u2019s because threat actors are using these platforms to host their phishing pages instead of building their own. A crook sends out an email for a payment or says a sender has a document to share, asking the victim to click and see it. When they do, they go to a web page that asks for their username and password. That gets captured by the crook. The trick is that the URLs, or web addresses, of the platforms used by crooks aren\u2019t seen as suspicious by phishing detection applications because they\u2019re on an accepted SaaS platform.
It\u2019s important that security teams educate staff to be careful before logging into online platforms, particularly if they go there from an email.<\/p>\n<p data-ar-index=\"8\"><strong>Organizations that use<\/strong> Gmail, Yahoo Mail and Microsoft Outlook need to ensure their staff use strong passwords and multifactor authentication to protect their accounts if they haven\u2019t already done so. This warning comes after the discovery <a href=\"https:\/\/blog.google\/threat-analysis-group\/new-iranian-apt-data-extraction-tool\/\" rel=\"noopener\">by Google\u2019s Threat Analysis Group<\/a> of a new email exfiltrating tool used by an Iranian-based threat group dubbed Charming Kitten. If the group is able to steal or guess a victim\u2019s username and password the tool can spoof the account to look like an outdated browser, which enables a basic HTML view in Gmail. Then the tool downloads the contents of the victim\u2019s inbox, marking them as unread so the victim isn\u2019t tipped off. So far it\u2019s been used against targets in Iran, but the threat actor could use it against people in other countries.<\/p>\n<p data-ar-index=\"9\"><strong>Finally,<\/strong> the privacy of Apple iPhone and iPad users may be at risk if they don\u2019t take care when they open links to third-party sites and ads on sites they visit. That\u2019s <a href=\"https:\/\/krausefx.com\/blog\/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser\" rel=\"noopener\">according to security researcher Felix Krause<\/a>. This gets a bit technical, so bear with me: If you go to a webpage on your phone and click on a link that goes to another site, that page opens up in a custom browser inside the original app, and not on a new Safari browser page. That leaves the custom browser open to being injected with JavaScript code that can steal information. This second browser is called an in-app browser. 
If you want to be careful, make sure the in-app browser opens sites in the Safari browser, which is safer. There should be a button or option that allows you to do that so you can escape the in-app browser.<\/p>\n<p data-ar-index=\"10\">That\u2019s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com.<\/p>\n<p data-ar-index=\"11\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"12\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-august-24-2022-watch-your-cyber-insurance-coverage-threat-actors-abusing-saas-platforms-and-more\/499278\">Cyber Security Today, August 24, 2022 \u2013 Watch your cyber insurance coverage, threat actors abusing SaaS platforms and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on trends in cyber insurance, SaaS platforms used to host phishing sites, a new tool for exfiltrating data from hacked
emai<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389,621],"class_list":["post-27387","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today","tag-cybersecurity-insurance"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/27387","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=27387"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/27387\/revisions"}],"predecessor-version":[{"id":27395,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/27387\/revisions\/27395"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=27387"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=27387"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=27387"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}