Cybersecurity News of The Week, February 20, 2022

Individuals at Risk

News stories to inform and support your cybersecurity and privacy.

Cyber Privacy

AirTags are being used to track people and cars. Here’s what is being done about it: Apple’s AirTags help you keep track of your things, but concerns have risen over their misuse. … Apple’s AirTags were billed as a cheap and easy way to track everything from your keys and wallet to your backpack, but in recent months there have been a number of reports of the small button-sized device being used by stalkers and thieves to track people. NPR, February 18, 2022

Cyber Warning

Zelle scam: Wells Fargo customers lose thousands after scammers pose as bank employees: Wells Fargo customers are being targeted by fraudsters who claim to be bank employees and trick victims into transferring money to them via Zelle. ABC7 News, February 18, 2022

Yik Yak has returned — and so have reports of cyberbullying, students say: Yik Yak, an anonymous social media app that was shuttered in 2017 after coming under fire for facilitating cyberbullying, was resurrected last year with an emphasis on new protective measures including anti-bullying guardrails. But students and watchdog groups are already reporting instances of abuse, and say that the new safeguards aren’t enough to stop people from using the app for cyberbullying. The Record, February 18, 2022

Massive LinkedIn Phishing and Bot Attacks Feed on the Job-Hungry: The phishing attacks are spoofing LinkedIn to target ‘Great Resignation’ job hunters, who are also being preyed on by huge data-scraping bot attacks. Threatpost, February 16, 2022

Online dating scams are on the rise, FBI and FTC warn. Here are some red flags: The FBI issued an alert last week about victims of romance fraud losing $1 billion in 2021. Similarly, romance scams reported to the Federal Trade Commission rose 80% in 2021, with victims losing $547 million. USA Today, February 16, 2022

Fraudsters are using bots to drain cryptocurrency accounts: Fraudsters are selling bots on Telegram that are designed to trick investors into divulging their two-factor authentication, leading to accounts being wiped out. … Crypto investors are being targeted around the country. … Dr. Anders Apgar, a Coinbase customer, said his account had a balance of more than $100,000 in crypto when it was hacked during a robocall. CNBC, February 15, 2022

Cybersecurity in Society

News stories for the cyber-aware citizen.

National Cybersecurity

US officials prep big banks and utilities for potential Russian cyberattacks as Ukraine crisis deepens: Officials from multiple US agencies met Thursday with executives from big US banks to discuss how they might respond to Russian hacking threats as US officials warn that Russia could invade Ukraine at any time, five people briefed on the meeting told CNN. CNN, February 18, 2022

New Zealand warns of digital collateral damage from Russia-Ukraine crisis: New Zealand’s top cybersecurity agency on Friday warned the country’s “nationally significant” organizations to prepare for cybersecurity risks that might result from the ongoing conflict between Ukraine and Russia. The Record, February 18, 2022

US, Britain accuse Russia of cyberattacks targeting Ukraine: WASHINGTON (AP) — The White House blamed Russia on Friday for this week’s cyberattacks targeting Ukraine’s defense ministry and major banks and warned of the potential for more significant disruptions in the days ahead. AP, February 17, 2022

Ukraine cyberattack is largest of its kind in country’s history, says official: (CNN) A high-volume cyberattack that temporarily blocked access to the websites of Ukrainian defense agencies and banks on Tuesday was “the largest [such attack] in the history of Ukraine,” according to a government minister. CNN, February 16, 2022

Cyberattack Misinformation Could Be Plan for Ukraine Invasion: A falsified video would be an update on the traditional use of propaganda campaigns during warfare … Last week U.S. officials claimed the Russian government was planning to publish a video of a staged “attack” by Ukrainian forces. The officials said their announcement was an attempt to preemptively halt … Scientific American, February 9, 2022

Cyber Crime

Red Cross Hack Linked to Iranian Influence Operation?: A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran. KrebsOnSecurity, February 16, 2022

US says Russian state hackers lurked in defense contractor networks for months: Multiple hacks over 2 years revealed sensitive info about weapons and communications platforms. … Hackers backed by the Russian government have breached the networks of multiple US defense contractors in a sustained campaign that has revealed sensitive information about US weapons-development communications infrastructure, the federal government said on Wednesday. Ars Technica, February 16, 2022

How Roblox ‘Beamers’ Get Rich Stealing from Children: Underneath the gaming platform worth $68 billion and used by over half of all children in America is a ballooning and highly profitable ecosystem of hackers and traders. Motherboard, February 14, 2022

Hackers Just Leaked the Names of 92,000 ‘Freedom Convoy’ Donors: GiveSendGo, the Christian crowdfunding site that helped raise $8.7 million for the anti-vax “freedom convoy” in Canada, was hacked on Sunday night. Vice News, February 14, 2022

Ransomware gang says it has hacked 49ers football team: RICHMOND, Va. (AP) — The San Francisco 49ers have been hit by a ransomware attack, with cyber criminals claiming they stole some of the football team’s financial data. Associated Press, February 13, 2022

Cyber Surveillance

How a Saudi woman’s iPhone revealed hacking around the world: WASHINGTON, Feb 17 (Reuters) – A single activist helped turn the tide against NSO Group, one of the world’s most sophisticated spyware companies now facing a cascade of legal action and scrutiny in Washington over damaging new allegations that its software was used to hack government officials and dissidents around the world. Reuters, February 17, 2022

Cyber Warning

FBI and Secret Service warn about ransomware-as-a-service gang: Cyberattackers are using BlackByte, a ransomware-as-a-service group, to target critical infrastructure in the United States, including government facilities, financial institutions, and the agriculture industry, according to a recent advisory from the FBI and Secret Service. … BlackByte is the gang that infiltrated servers owned by the San Francisco 49ers. Washington Examiner, February 17, 2022

Cyber Government

Investigation: Broward schools took extraordinary steps to hide key details of massive data breach: When the Broward School District learned that hackers may have accessed the personal data of thousands of people from district servers, its response was to hide and delay. … The district took extraordinary steps to keep the public, including 50,000 potential victims, from learning about ransomware attacks that took place from November 2020 to March 2021, a South Florida Sun Sentinel investigation has found. South Florida Sun Sentinel, February 17, 2022

Know the Enemy

Nearly three-quarters of ransomware revenue generated by Russian strains: Nearly $3 in every $4 paid to a ransomware attack stems from a ransomware strain affiliated with Russian actors, according to a new report from cryptocurrency forensics group Chainalysis. SC Media, February 16, 2022

Cybersecurity: These countries are the new hacking threats to fear as offensive campaigns escalate: Outside of major hacking threats like Russia and China, other countries are increasingly turning to cyberattacks and data theft – and the rise of cloud services is helping them. ZDNet, February 15, 2022

Identity Management

Eight countries jointly propose principles for mutual recognition of digital IDs: An international working group, consisting of eight countries, found most government-led digital identity initiatives have been designed with mutual recognition and interoperability thus far. ZDNet, February 17, 2022

Information Security Deep-Dive

News stories for the cybersecurity professional and those with cybersecurity responsibilities.

Information Security Management

CISA creates new online resource hub: The Cybersecurity and Infrastructure Security Agency (CISA) on Friday launched a new hub that organizations can use to discover free public and private sector resources to strengthen their cybersecurity. The Record, February 18, 2022

CompTIA ISAO and IT-ISAC Urge Technology Companies to Elevate Cybersecurity Monitoring, Readiness in Response to Rising Geopolitical Tensions: The CompTIA ISAO and IT-ISAC teams will continue to provide updated reporting and share new threat information as it becomes available. … Technology companies should take immediate action to review their cybersecurity readiness to strengthen defenses against potential cyberattacks stemming from rising geopolitical tensions around the world, two leading technology organizations urged today. DARKReading, February 15, 2022

CISA Adds Nine Known Exploited Vulnerabilities to Catalog: CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise. Cybersecurity & Infrastructure Security Agency, February 15, 2022

Ransomware Threat Intel: You’re Soaking In It!: Ransomware is the preeminent cyber threat facing both public and private sector organizations. By one estimate, around four in 10 organizations experienced a ransomware attack (PDF) in the last two years. Moreover, the stakes of ransomware incidents have risen right along with their frequency. Today’s ransomware attacks are complex feats of extortion that combine data theft, malware deployment, denial of service, and other techniques. Ransomware attacks have been linked to disruption of critical infrastructure, from hospitals to gas distribution pipelines. DARKReading, February 14, 2022
