Individuals at Risk
Cyber Privacy
New browser-tracking hack works even when you flush caches or go incognito: At least 4 top browsers affected by “powerful tracking vector,” researchers say. ars technica, February 19, 2021
WhatsApp Is Pushing Ahead With Its Controversial Privacy Update Despite User Backlash: WhatsApp has confirmed that it is pushing ahead with the controversial privacy policy changes that sparked a massive backlash against the Facebook-owned messaging app. Forbes, February 19, 2021
Cyber Defense
The 20 Most Common Passwords Found On The Dark Web: By now, you’re probably familiar with common advice surrounding online passwords. Don’t use a sequence of numbers. Don’t use your name. Don’t reuse the same password for all of your accounts. HuffingtonPost, February 20, 2021
Cyber Warning
Malformed URL Prefix Phishing Attacks Spike 6,000%: Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said. ThreatPost, February 19, 2021
LinkedIn phishing scam tries to fool you with fake document — what you need to know: If anyone shares a ‘LinkedIn Private Shared Document,’ don’t open it. Toms Guide, February 18, 2021
IRS Warns of Fresh Fraud Tactics as Tax Season Starts: Site Spoofing, Phishing Campaigns Proliferate. BankInfoSecurity, February 18, 2021
“ShareIt” Android app with over a billion downloads is a security nightmare: Trend Micro audited one of Android’s most popular file-sharing apps. It’s not good. ars technica, February 16, 2021

Information Security Management for the Organization
Information Security Management
About 26 Million Fortune 1000 Employee Credentials Available on the Dark Web, Password Reuse Rampant: SpyCloud Breach Exposure Report shows that about 25.9 million Fortune 1000 business accounts and 543 million employee credentials were circulating on the underground hacking forums. Password reuse across personal and professional accounts, weak passwords, and info-stealing bots were blamed for leaking employee login credentials. CPO, February 19, 2021
Turning the page on Solorigate and opening the next chapter for the security community: The recent SolarWinds attack is a moment of reckoning. Today, as we close our own internal investigation of the incident, we continue to see an urgent opportunity for defenders everywhere to unify and protect the world in a more concerted way. We also see an opportunity for every company to adopt a Zero Trust plan to help defend against future attacks. Microsoft, February 18, 2021
Combining Three Pillars Of Cybersecurity: Our digital world is under assault, and we need to urgently upgrade our defenses. In the past couple of years, the digital attack surface has vastly expanded from a move to remote work, from more people coming online, and from more interconnectivity of PCs and smart devices around the globe. Simultaneously, criminal enterprises and state actors have taken advantage of the lack of visibility and security administration. They are sharing resources and tactics over Dark Web forums and are growing more sophisticated and capable of using advanced hacking tools that enable them to discover vulnerable targets to infiltrate malware and automate attacks. Forbes, February 18, 2021
Privacy Management
Your Computers & Privacy: Ready or Not, There They Go: Our right to privacy is being challenged in new and urgent ways. As consumers, we must be aware of the impact our choices have on privacy. As businesses, we must know our obligations to protect Personally Identifiable Information (PII) we collect from customers, employees, and others. This obligation has taken on increased urgency as cybercrime has grown to epidemic levels and it is too easy to access, steal, change, and destroy information. David Lam, Miller Kaplan, February 15, 2021
Secure The Human
What behavioral experts can teach us about improving security. As organizations tackle the new reality of a distributed workforce, there is much to be learned from the behavioral economics discipline: The “castle and moat” approach to protecting one’s domain was effective for centuries. At the start of the internet age, when a company’s greatest assets were physically located on-premises and when employees were accessing them in a predictable way (using company-issued computers, from familiar locations and at expected times), it still largely worked. HelpNetSecurity, February 19, 2021
Cybersecurity in Society
Cyber Crime
The U.S. Has Released the Most Comprehensive Catalog of North Korean Cybercrimes Ever Made Public…The range of activities, victims, and theft and extortion models laid out in the indictment is staggering: North Korea has always been a bit of an outlier among the countries that make extensive use of offensive cyber capabilities. Unlike the United States, Russia, China, Israel, or Iran, North Korea has never appeared to be particularly focused on cyber-espionage or targeted cyber-sabotage. Instead it has performed a series of financially-motivated cybercrime campaigns like the 2017 WannaCry ransomware, as well as some splashy revenge-motivated breaches, most notably the 2014 Sony Pictures compromise. These high-profile incidents have suggested for a while that North Korea has more in common with cybercriminals than other nation states. But a December indictment unsealed this week by the Department of Justice makes clear just how central financial gain is to North Korea’s cyber activities. More importantly, it sheds light on the extent to which cryptocurrency and cybercrime can allow countries to undermine existing economic sanctions. Slate, February 19, 2021
Kia outage may be the result of ransomware; Company says ‘no’: A week-long outage for Kia is reportedly connected to a ransomware attack from the DoppelPaymer gang, says BleepingComputer. TechRepublic, February 19, 2021
Safety Certification Giant UL Has Been Hit By Ransomware… The 127-year-old company once known as Underwriters Laboratories is wrestling with a ransomware outbreak: UL, which you may know better as Underwriters Laboratories, has overcome countless obstacles in its 127-year run as the world’s leading safety testing authority. Now they’re facing down a true 21st century menace: ransomware. Forbes, February 19, 2021
Ransomware Gang Claims to Sell Off Data from AFTS Cyberattack: A ransomware gang called “Cuba” claims to be selling off data on the dark web belonging to Automatic Funds Transfer Services (AFTS), a Seattle-based financial services and data management firm that suffered a bad ransomware attack in early February. Gizmodo, February 19, 2021
California DMV Warns Millions of Records May Have Been Exposed in Worrisome Data Breach: The California Department of Motor Vehicles has warned state residents that over a year’s worth of data—including customer addresses and license plate numbers—may have been compromised in a recent cyberattack on third-party contractor, Automatic Funds Transfer Services (AFTS). Gizmodo, February 18, 2021
Cyber Attack
New malware found on 30,000 Macs has security pros stumped: With no payload, analysts are struggling to learn what this mature malware does. ars technica, February 20, 2021
FBI, other agencies issue warnings after Oldsmar water system attack: At the time of the attack, Pinellas County Sheriff Bob Gualtieri said the intrusion likely happened through software called TeamViewer, which is used for remote access. Tampa Bay Times, February 18, 2021
Researcher Hacks 35 Major Companies In A Mock Supply Chain Attack: A cybersecurity researcher breached over 35 major companies, including Apple and PayPal in a novel software supply chain attack. CPO, February 18, 2021
National Cybersecurity
The Untold History of America’s Zero-Day Market: The lucrative business of dealing in code vulnerabilities is central to espionage and war planning, which is why brokers never spoke about it—until now. Wired, February 14, 2021
U.S. Cyber Weapons Were Leaked — And Are Now Being Used Against Us, Reporter Says: In December 2020, a U.S. cybersecurity company announced it had recently uncovered a massive cyber breach. The hack dates back to March 2020, and possibly even earlier, when an adversary, believed to be Russia, hacked into the computer networks of U.S. government agencies and private companies via SolarWinds, a security software used by many thousands of organizations in the U.S. and around the world. NPR, February 10, 2021
National Cybersecurity – SolarWinds
SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments: Bill Whitaker reports on how Russian spies used a popular piece of software to unleash a virus that spread to 18,000 government and private computer networks. 60 Minutes, CBS, February 14, 2021
The Right Response to SolarWinds: A strongly worded message has been sent to Moscow, but a forcible response that changes minds is elusive. Council on Foreign Relations, February 8, 2021
Cyber Defense
CIS launches MDBR, a no-cost ransomware protection service for private hospitals: The Center for Internet Security is launching a no-cost ransomware protection service, Malicious Domain Blocking and Reporting (MDBR), for private hospitals in the U.S. CIS is fully funding this service for all private hospitals in the U.S. as part of its nonprofit mission to make the connected world a safer place. HelpNetSecurity, February 19, 2021
Cyber Privacy
Privacy Without Monopoly: Data Protection and Interoperability: The problems of corporate concentration and privacy on the Internet are inextricably linked. A new regime of interoperability can revitalize competition in the space, encourage innovation, and give users more agency over their data; it may also create new risks to user privacy and data security. This paper considers those risks and argues that they are outweighed by the benefits. New interoperability, done correctly, will not just foster competition, it can be a net benefit for user privacy rights. Electronic Frontier Foundation, February 12, 2021
Cyber Surveillance
PRC Spying, Malware and Disinformation Campaigns Push Hong Kong Dissidents to Underground Communications Channels: Following the anti-extradition protests that spanned from 2019 into 2020, the Chinese Communist Party has stepped up its digital actions against Hong Kong activists and dissidents. A new report from threat intelligence firm Intsights finds that aggressive disinformation campaigns and related measures have forced organizers to move to the digital underground, using encryption and the dark web to keep the PRC from observing and inserting itself into their communications. CPO, February 19, 2021
Know Your Enemy
Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang: The leader of Mexico’s Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico’s top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015. KrebsOnSecurity, February 19, 2021
Compromised Credentials Show That Abuse Happens in Multiple Phases: The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says. DarkReading, February 16, 2021
Cyber Enforcement
Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams: The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013. ThreatPost, February 18, 2021
U.S. Indicts North Korean Hackers in Theft of $200 Million: The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted theft of more than $1.2 billion from banks and other victims worldwide. KrebsOnSecurity, February 17, 2021
Cyber Miscellany
What we can learn from the Facebook-Australia news debacle: Democracies are right to look for creative ways to direct money from big tech to the news industry. MIT Technology Review, February 20, 2021
Atheists warn followers of unholy data leak, hint dark deeds may have tried to make it go away: Rival atheists accused of not believing in privacy law. The Register, February 19, 2021