Cybersecurity News of the Week, December 12, 2021

Individuals at Risk

Cyber Privacy

Gravatar “Breach” Exposes Data of 100+ Million Users: A security site emailed notices of a data breach affecting over 100 million users of Gravatar. Gravatar denies it was hacked. SEJ, December 7, 2021

Patch Now

Minecraft rushes out patch for critical Log4j vulnerability: Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game’s Java Edition client and multiplayer servers. BleepingComputer, December 10, 2021

Cyber Warning

Criminal hackers are now going after digital phone lines, too: Criminal groups have been sending threatening messages in the past couple of months to companies that manage broadband phone services all over the world, promising they’ll flood the digital phone lines with traffic and take them offline unless the targets pay a ransom. NPR, December 6, 2021

Information Security Management for the Organization

Information Security Management

A security practitioner’s take on CISA’s Incident and Vulnerability Response Playbooks: The new CISA playbooks provide sound guidance on incident and vulnerability response, but mainly from a process perspective. CSO, December 6, 2021

Why the C-Suite Doesn’t Need Access to All Corporate Data: If zero trust is to work properly, then it must apply to everyone. DarkReading, December 6, 2021

Are You Guilty of These 8 Network-Security Bad Practices?: Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. ThreatPost, December 6, 2021

Cyber Warning

U.S. bank regulator urges vigilance as ransomware attacks on the rise: WASHINGTON, Dec 6 (Reuters) – A top U.S. banking regulator is cautioning firms to ensure they have robust policies to protect themselves from cyberattacks, saying it is seeing an uptick in ransomware attacks, it said in a report issued Monday. Reuters, December 6, 2021

SolarWinds Attackers Spotted Using New Tactics, Malware: One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. ThreatPost, December 7, 2021

Patch Now

Security experts race to fix critical software flaw threatening industries worldwide: BOSTON — A critical vulnerability in a widely used software tool — one quickly exploited in the online game Minecraft — is rapidly emerging as a major threat to organizations around the world. NPR, December 10, 2021

Cyber Insurance

Don’t panic about cyber insurers pulling up the drawbridge, says Lloyd’s: New clauses are menu to pick from, not commandments of stone. TheRegister, December 9, 2021

Cybersecurity in Society

Cyber Crime

Brazilian Ministry of Health suffers cyberattack and COVID-19 vaccination data vanishes: Hackers claimed to have copied and deleted 50 TB worth of data from internal systems. ZDNet, December 10, 2021

Cream cheese shortage stemmed partially from cyberattack: A top producer of cream cheese says a cyberattack shut down its production for days. CNet, December 10, 2021

BitMart CEO Says Stolen Private Key Behind $196M Hack: The crypto exchange’s CEO said the company will compensate affected users out of its own funds. CoinDesk, December 6, 2021

Someone stole $120 million in crypto by hacking a DeFi website: Dozens of wallets were drained before BadgerDAO could freeze its vaults. TheVerge, December 3, 2021

Cyber Surveillance

In lawsuit, Saudi women’s rights activist says phone hack by U.S. contractors led to arrest: WASHINGTON, Dec 9 (Reuters) – A Saudi Arabian women’s rights activist accused three former U.S. intelligence contractors of an illegal hack of her phone that was instrumental in her being arrested and later tortured in her home country, according to a lawsuit filed in a U.S. court. Reuters, December 9, 2021

Cyber Privacy

Russia’s Internet Censorship Machine Is Going After Tor: The attempt to block the site, which helps users mask their online activity, is the latest step in the country’s efforts to control the internet. Wired, December 10, 2021

Know Your Enemy

Companies Linked to Russian Ransomware Hide in Plain Sight: Cybersecurity experts tracing money paid by American businesses to Russian ransomware gangs found it led to one of Moscow’s most prestigious addresses. The New York Times, December 8, 2021

Chinese Hackers Targeting Southeast Asia Nations Likely State-Sponsored, U.S. Company Says: A United States cybersecurity company announced findings Wednesday showing that Chinese hackers have targeted governments across Southeast Asia and that the intrusions are likely state-sponsored. Newsweek, December 8, 2021

When Scammers Get Scammed, They Take It to Cybercrime Court: Underground arbitration system settles disputes between cybercriminals. ThreatPost, December 7, 2021

National Cyber Defense

NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls: The latest NIST publication … NIST.SP.800-160v2r1 – Developing Cyber-Resilient Systems … outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks. DarkReading, December 10, 2021

New White House policy gives agencies 24 hours to assess cyberattacks of potential national security concern: (CNN) The White House has enacted a new policy requiring the FBI and other agencies to help US officials quickly assess whether a cyberattack “rises to the level of a national security concern” that could hamper the provision of key services such as fuel or food, according to a National Security Council memo obtained by CNN and two US officials. CNN, December 10, 2021

Biden’s cyber leaders go to Silicon Valley for more help fighting hackers: As cyber threats from countries like Russia multiply, officials met with corporate executives to pitch their vision for “operational collaboration.” Politico, December 7, 2021

Cyber Enforcement

WINNING THE WAR ON RANSOMWARE: The DOJ’s task force is changing the landscape around hackers, but will it be enough? TheVerge, December 9, 2021

Canada Charges Its “Most Prolific Cybercriminal”: A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian authorities describe him as “the most prolific cybercriminal we’ve identified in Canada,” but so far they’ve released few other details about the investigation or the defendant. Helpfully, an email address and nickname apparently connected to the accused offer some additional clues. KrebsOnSecurity, December 8, 2021

Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers: Google on Tuesday said it took steps to disrupt the operations of a sophisticated “multi-component” botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin’s blockchain as a resilience mechanism. TheHackerNews, December 8, 2021

Ubiquiti breach an inside job, says FBI and DoJ: Investigators claim Ubiquiti employee Nikolas Sharp stole company data and then played the role of whistleblower to draw attention away from his actions. CSO, December 6, 2021

Court hands Microsoft control of websites linked to spying by Chinese hackers: Microsoft obtained a court order to seize websites from a Chinese government-linked espionage group that was using the sites to attack government agencies, think tanks and human rights organizations in 29 countries, the company said Monday. CyberScoop, December 6, 2021

U.S. Military Has Acted Against Ransomware Groups, General Acknowledges: Gen. Paul M. Nakasone, the head of Cyber Command, said a new cross-functional effort has been gathering intelligence to combat criminal groups targeting U.S. infrastructure. The New York Times, December 5, 2021

Cyber Miscellany

With 18,378 vulnerabilities reported in 2021, NIST records fifth straight year of record numbers: A record of 18,378 vulnerabilities was reported in 2021, but the number of high severity vulnerabilities was lower than in 2020. ZDNet, December 8, 2021
