Cybersecurity News of the Week, December 31, 2023

This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.

Stan’s Top of the News

This Week’s Top of the News is from WSJ Pro Cybersecurity, published by the Wall Street Journal. Hang on tight. It’s going to be a cyber-challenging year ahead.

  • Cybersecurity in the Year Ahead: Think 2023 on Steroids: Businesses face escalating cyberattacks and stiffer security regulations heading into 2024. … Companies in 2023 saw rising cybersecurity threats, rising regulation and rising costs for cyber insurance, while dealing with tight budgets and a tighter labor market. … The year ahead will bring no letup. … Both geopolitical adversaries and common criminals will intensify strikes on U.S. companies to steal information and disrupt business, government security officials say. Ransomware remains a significant threat, with new malware strains emerging as quickly as older ones fade. Serious attackers linked to China and Russia are exploiting bugs in the technology supply chain to get into corporate networks through a side door. … Chief information security officers increasingly are responding by working with the chief risk officer, general counsel, chief financial officer and chief information officer to set cyber risk policies and processes. That collaboration is vital as the Big Four cyber adversaries of the U.S.—China, Iran, North Korea and Russia—show no signs of slowing attacks.  

Small and Midsize Organizations. Take your security to the next level. Apply Now! If you’re a small business, nonprofit, or IT / MSP in the greater Los Angeles area, apply NOW for LA Cybersecure, a pilot program with coaching and guidance that costs less than two cups of coffee a week. https://securethevillage.org/la-cybersecure-pilot/ The LA Cybersecure Pilot Program is funded by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.

Family Protection Newsletter: Did you know we created the Family Protection Newsletter for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. Sign up or share with a friend!

How Hackable Are You? Take our test. Find out how hackable you are and download our free updated 13-step guide.

  • How Hackable Are You? Think your defenses are strong? Find out as SecureTheVillage tests you on five basics. Please take our short test as your answers will help you and guide us to improve community safety.

Please Support SecureTheVillage.

  • We need your help if we’re to build a world of CyberGuardians™. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village.™

Security Nonprofit of the Week … CyberWyoming & CyberWyoming Alliance

Established in 2017, CyberWyoming, a 501(c)6 nonprofit, combats cyber risks for Wyoming businesses. It fosters collaboration among communities, fortifying state and national cybersecurity through tailored economic development and workforce training. Providing consultancy and education services, it integrates cyberpsychology into training for small business stakeholders. The CyberWyoming Alliance, a 501(c)3 nonprofit, headquartered in Laramie, amplifies cybersecurity awareness across local communities. Targeting diverse groups, it secures grants, tailors programs, and establishes information-sharing networks to disseminate crucial cybersecurity updates. This strategic approach reinforces cybersecurity throughout Wyoming, making a significant impact on various demographics and entities. CyberWyoming is a member of Nonprofit Cyber, a coalition of implementation-focused cybersecurity nonprofits including SecureTheVillage.

Live on Cyber with Dr. Stan Stahl – Live on LinkedIn and Your Favorite Podcast Platform

Are We Just Talking to Ourselves in Cybersecurity? (Video) (Podcast): Stan and Julie took the week off to play with family and friends. … Want to join the fight for online safety? Learn how LA Cybersecure is helping: https://securethevillage.org/la-cybersecure-pilot/. … Subscribe to Live on Cyber with Stan Stahl, PhD and Julie Michelle Morris, your weekly 15-min update on the latest in privacy and information security affecting our businesses and the communities we live in!

Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware. 

Let’s resolve for 2024 to help those we love stay safe from pig butchering and other scams.

And let’s take heart from this end-of-year story showing that we the people can change things.

  • Scammed With Zelle Over the Holidays? Banks May Now Reverse the Charges: Imposter scams continue to snare Zelle users, but victims finally have recourse. … Zelle — the banking industry’s answer to PayPal, Venmo and CashApp — has become a digital payment powerhouse. It’s now baked into more than 2,000 banking apps, making it easy (and free) to transfer money instantly from one party to another. … However, the instantaneous nature of payments and the fact that fraudulent payments are often technically authorized by victims makes Zelle vulnerable to criminal fraud. The worst of the worst Zelle scams might even use puppies to prey on victims. … Luckily for the victims of Zelle scams, a new change in policy allows banks to claw money back from criminals in certain cases. 

Section 3 – Cybersecurity and Privacy News for the Cyber-Concerned.

An in-depth pig butchering story and the way scammers are often human trafficking victims.

  • New ‘Pig Butchering’ Crypto Scam Includes Victims In U.S. And Overseas: On Thursday, December 14, the Department of Justice (DOJ) announced an indictment in what is described as the latest cryptocurrency investment scam known as ‘pig butchering’ to the tune of $80 million dollars. But as Americans are becoming victims as they are duped out of their life savings, it turns out the scammers on the front lines are victims themselves of human trafficking mainly located on the other side of the globe in Asia. … With financial devastation on one hand and the potential growth of modern-day slavery on the other, ‘pig butchering’ may be one of the more pernicious ‘crypto’ crimes to date. More broadly than the DOJ’s enforcement action – which is not the first regarding pig butchering this year – is the United Kingdom’s decision to sanction people and businesses in Southeast Asia that are connected to the pig butchering scams. According to Ari Redbord, the Global Head of Policy at TRM Labs, “HM Treasury in the UK used sanctions to target traffickers and businesses they hide behind mostly in Cambodia.” … The U.K. official announcement this month that included sanctions actions against 46 human rights abusers on the 75th Anniversary of the Universal Declaration of Human Rights, included sanctions which, “…targets 9 individuals and 5 entities for their involvement in trafficking people in Cambodia, Laos and Myanmar, forcing them to work for online ‘scam farms’ which enable large-scale fraud.” According to the U.K., “Victims are promised well-paid jobs but are subject to torture or other cruel, inhuman, or degrading treatment.”

On the international cyber-front.

  • Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware: Apple’s warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful counterattack from Prime Minister Narendra Modi’s government. Officials publicly doubted Apple’s findings and announced a probe into device security. … India has never confirmed nor denied using the Pegasus tool, but nonprofit advocacy group Amnesty International reported Thursday that it found NSO Group’s invasive spyware on the iPhones of prominent journalists in India, lending more credibility to Apple’s early warnings. … “Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation,” said Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab, in the blog post.
  • Microsoft Warns of New ‘FalseFont’ Backdoor From Iran Targeting the Defense Sector: Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. … The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten.
  • Israel-linked group claims cyberattack that shut down 70% of Iran’s gas stations: Tehran cites ‘software problem’ as cause for shutdown; group known as Gonjeshke Darande takes responsibility, says attack is response to Iranian aggression

VentureBeat offers an in-depth story on how large language models (LLMs) are being weaponized for cybercrime, cyber-intelligence, and the other dystopian elements of our inter-connected world.

  • The age of weaponized LLMs is here: The idea of fine-tuning digital spearphishing attacks to hack members of the UK Parliament with Large Language Models (LLMs) sounds like it belongs more in a Mission Impossible movie than a research study from the University of Oxford. … But it’s exactly what one researcher, Julian Hazell, was able to simulate, adding to a collection of studies that, altogether, signify a seismic shift in cyber threats: the era of weaponized LLMs is here. … By providing examples of spearphishing emails created using ChatGPT-3, GPT-3.5, and GPT-4.0, Hazell reveals the chilling fact that LLMs can personalize context and content in rapid iteration until they successfully trigger a response from victims. … The research all adds up to one thing: LLMs are capable of being fine-tuned by rogue attackers, cybercrime, Advanced Persistent Threat (APT), and nation-state attack teams anxious to drive their economic and social agendas. The rapid creation of FraudGPT in the wake of ChatGPT showed how lethal LLMs could become. Current research finds that GPT-4, Llama 2 and other LLMs are being weaponized at an accelerating rate. … The rapid rise of weaponized LLMs is a wake-up call that more work needs to be done on improving gen AI security.

Meanwhile in the world of cybercrime, the year is pretty much ending the way it began.

  • Ransomware Group Claims 100 Gb of Data Stolen From Nissan: The Akira ransomware group has taken credit for the recent attack that impacted Nissan Australia and New Zealand. … The carmaker revealed in early December that internal systems belonging to Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand had been targeted by hackers.  … It confirmed on December 22 that an “unauthorized third party illegally accessed some of the company’s network systems in Australia and New Zealand” and said it has been working on determining what information is impacted.
  • Class-action lawsuit filed against Integris Health following data breach: The class-action lawsuit claimed Integris Health did not notify its patients of the breach until extortion emails were sent out by cybercriminals. … A class-action lawsuit against Integris Health Inc. was filed in federal court this week after a data breach. …  On Dec. 24, Integris said they learned that patients had begun receiving messages from the cybercriminals responsible for the breach. … Patients began receiving extortion emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. The cybercriminal group claims the group stole data that impacts more than 2 million patients, according to the lawsuit. The cybercriminals said this information included social security numbers, birthdates, addresses, phone numbers and insurance information. … Integris Health is Oklahoma’s largest not-for-profit health network, operating hospitals, clinics, and urgent care throughout the state.
  • 1 million Corewell Health patients could be impacted by second data breach: About one million Corewell Health patients in southeast Michigan may have had their personal and medical information exposed in yet another nationwide data breach. … Michigan Attorney General Dana Nessel on Tuesday, Dec. 26, announced the second data breach of a vendor used by Corewell Health. … It comes less than a month after a data breach of another Corewell Health vendor that also is believed to have exposed similar personal and medical information of about one million patients serviced by the health system in southeast Michigan. … In this latest breach, the compromised vendor, HealthEC, mailed letters on Dec. 22 to those impacted, Nessel said.
  • Fidelity National Financial subsidiary says 1.3 million affected by November cyberattack: A subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators this week after a cyberattack in November. … LoanCare, one of the largest providers of loan subservicing services, told officials in Maine and California that 1,316,938 people had information accessed by hackers who breached Fidelity National Financial — their parent company.
  • Officials fix bugs in Kansas courts computer system, as it comes back online amid delays: After a cyberattack crippled the Kansas courts computer system, forcing officials to take it offline months ago, the process to restore the system has been experiencing delays, with some districts experiencing slower system performance, the judicial branch announced Wednesday.
  • Ubisoft Investigates Cyber Attack: Possible Data Exfiltration by Hackers: Ubisoft, the renowned video game developer behind iconic franchises like Assassin’s Creed and Far Cry, narrowly escaped a potentially devastating data breach. … On December 20th, an unidentified threat actor infiltrated their systems, gaining access for approximately 48 hours before Ubisoft’s eagle-eyed security team detected the anomaly and revoked access.
  • Paramount’s Parent Company Suffers Massive Data Breach: National Amusements, the corporate parent company of Paramount Global, CBS, and Showcase Cinemas, confirmed a security breach compromised the privacy of more than 82,000 people last year. … The news was revealed in a legally required filing with Maine’s attorney general.

Section 4 – Managing Information Security and Privacy in Your Organization.

If your organization uses Barracuda’s Email Security Gateway, you’ll want to update it.
