Cybersecurity News of the Week, August 8, 2021

Individuals at Risk

Cyber Privacy

Does your iPhone or iPad have Pegasus spyware? Find out for free: If you’re like me, you’re curious about whether your iPhone or iPad is infected by Pegasus spyware. Here’s how to check for peace of mind. CNet, August 8, 2021

Is your personal information being abused?: Drowning in spam? A study presented at Black Hat USA 2021 examines if sharing your personal information with major companies contributes to the deluge of nuisance emails, texts and phone calls. WeLiveSecurity, August 5, 2021

Apple’s Plan to “Think Different” About Encryption Opens a Backdoor to Your Private Life: Apple has announced impending changes to its operating systems that include new “protections for children” features in iCloud and iMessage. If you’ve spent any time following the Crypto Wars, you know what this means: Apple is planning to build a backdoor into its data storage system and its messaging system. EFF, August 5, 2021

Cyber Warning

FTC warns of phishing scams over unemployment benefits: The scam messages try to convince you to enter your Social Security number and other personal info at a website masquerading as your state’s workforce agency. TechRepublic, August 6, 2021

Cyber Misc

You Don’t Really Own the Digital Movies You Buy: As the entertainment industry shifts its distribution strategy to let people buy or rent movies closer to—or simultaneously with—their release in theaters, you may find yourself amassing a larger digital library than you’ve had in the past. But when you buy a movie from a digital service like Amazon Prime Video or Vudu, does it really belong to you? What if you buy a song on iTunes or download one to your phone from Spotify? Are these files yours forever? If you cancel the service or, as unlikely as it may seem, one of these huge companies goes out of business, what then? The New York Times, August 4, 2021

Cyber Humor

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

Cybersecurity Challenges for SMBs in 2021: Technology is notorious for change. Updates solve problems and innovations create solutions. As we continue to respond to cyberattacks and guide small to medium-sized businesses (SMBs) to safer shores, we ironically see old problems persist. In order to address the challenges facing SMBs in 2021, we need to address both new and old, both human error and technical shortcomings. CPO, August 4, 2021

Information Security Management

NIST Updates Cyber Resiliency Guide to Account for Increasingly Sophisticated Threats: In a draft update to its flagship cyber resiliency publication released Thursday, experts from the National Institute of Standards and Technology offer a next-gen strategy for protecting critical information technology systems from their inside out. Nextgov, August 5, 2021

Constant review of third-party security critical as ransomware threat climbs: Lulled into complacency, businesses face risks of supply chain attacks even after they have done their due diligence in assessing their third-party suppliers’ security posture before establishing a partnership. ZDNet, August 3, 2021

NSA, CISA publish Kubernetes hardening guide: The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published today a 59-page technical report containing guidance for hardening Kubernetes clusters. TheRecord, August 3, 2021

5 Ways to Increase Password Safety: You make password decisions every week. Maybe you create a new account, reset a password or respond to a password change prompt. And each time you make a seemingly small or insignificant mistake in regard to password safety, such as not creating strong enough passwords or using the same password on multiple accounts, you increase your risk. SecurityIntelligence, July 30, 2021

Cyber Talent

The cybersecurity jobs crisis is getting worse, and companies are making basic mistakes with hiring: Overworked cybersecurity employees are struggling to keep up with the challenges of the job, and employers are struggling to keep hold of them. ZDNet, August 2, 2021

Cybersecurity in Society

Cyber Crime

Italian vaccination registration system down in apparent ransomware attack: Residents of the Lazio region, which includes Rome, will not be able to book new appointments for several days, the region’s president said. NBC, August 2, 2021

Cyber Surveillance

The Spyware Threat to Journalists: In this gathering age of digital autocracy, it is hard to avoid the impression that the dictators are winning. The New Yorker, August 2, 2021

‘I will not be silenced’: Women targeted in hack-and-leak attacks speak out about spyware: Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them. NBC, August 1, 2021

Cyber Espionage

New DNS vulnerability allows ‘nation-state level spying’ on companies: Security researchers found a new class of DNS vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to access sensitive information from corporate networks. BleepingComputer, August 5, 2021

New Chinese Spyware Being Used in Widespread Cyber Espionage Attacks: A threat actor presumed to be of Chinese origin has been linked to a series of 10 attacks targeting Mongolia, Russia, Belarus, Canada, and the U.S. from January to July 2021 that involve the deployment of a remote access trojan (RAT) on infected systems, according to new research. The Hacker News, August 4, 2021

Know Your Enemy

Step 1: Do a Google search. Ransomware hacker goes rogue, leaks gang’s plan: Someone claiming to work with one of the most notorious ransomware gangs says they’re fed up with how extortion money is divvied up and has leaked a host of the gang’s files on a hacker forum. Yahoo, August 5, 2021

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service: Multiple cybercriminal groups are leveraging a malware-as-a-service (MaaS) solution to distribute a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish against individuals in Belgium as well as government agencies, companies, and corporations in the U.S. The Hacker News, August 5, 2021

Researchers turn the spotlight on the hidden workers of the cybercrime world: Phishing schemes, malware campaigns and other operations involve an array of workers beyond the criminal masterminds. Could giving them better opportunities for legitimate work help cut crime? ZDNet, August 5, 2021

Ransomware Gangs and the Name Game Distraction: It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with new rules, targets and weaponry. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. KrebsOnSecurity, August 5, 2021

Black Hat: This is how a naive NSA staffer helped build an offensive UAE security branch: If that job offer looks too good to be true, something else may be afoot. ZDNet, August 4, 2021

An interview with BlackMatter: A new ransomware group that’s learning from the mistakes of DarkSide and REvil: Editor’s Note: In July, a new ransomware gang started posting advertisements on various cybercrime forums announcing that it was seeking to recruit partners and claiming that it combined the features of notorious groups like REvil and DarkSide. TheRecord, August 2, 2021

BlackMatter ransomware gang rises from the ashes of DarkSide, REvil: A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations. BleepingComputer, July 31, 2021

Russia’s New Form of Organized Crime Is Menacing the World: The screen goes blank. A message appears in crude, Google Translate English, advising that all your files have been encrypted — rendered unusable — and can be restored only if you pay a ransom. The New York Times, July 31, 2021

Cyber Defense

Top cyber official calls for more ‘ambitious’ defenses while encouraging people to join CISA: In her first major speech since taking office, Cybersecurity and Infrastructure Security Agency Director Jen Easterly sought to elevate the young agency, pushing for more cybersecurity talent across the US and announcing a new initiative collaborating with the private sector on ransomware and other issues. CNN, August 5, 2021

Black Hat: New CISA Head Woos Crowd With Public-Private Task Force: Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime. ThreatPost, August 5, 2021

CISA looks to tie together public-private partnerships through new cyber planning office: The Cybersecurity and Infrastructure Security Agency is teaming up with major cloud providers, cyber companies, and other private sector partners under a new initiative aimed at combining efforts on planning, threat analysis, and defensive operations. Federal News Network, August 5, 2021

Black Hat: Let’s All Help Cyber-Immunize Each Other: We’re selfish if we’re only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let’s be like doctors battling COVID and work for herd immunity. ThreatPost, August 4, 2021

Cyber Enforcement

Apple Will Scan U.S. iPhones For Images Of Child Sexual Abuse: Apple unveiled plans to scan U.S. iPhones for images of child sexual abuse, drawing applause from child protection groups but raising concern among some security researchers that the system could be misused, including by governments looking to surveil their citizens. NPR, August 6, 2021

Cyber Research

‘Master Face’: Researchers Say They’ve Found a Wildly Successful Bypass for Face Recognition Tech: A group of researchers says that artificial intelligence can be used to trick most biometric face scanners. Gizmodo, August 4, 2021

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge