Cybersecurity News of the Week, February 28, 2021

Individuals at Risk

Cyber Privacy

‘Millions of people’s data is at risk’ — Amazon insiders sound alarm over security: Whistleblowers say they were forced out after flagging problems with e-commerce giant’s data security and compliance. Politico, February 24, 2021

Clubhouse chats streamed to third‑party website: The incident raises concerns about the privacy and security of conversations taking place on the platform. WeLiveSecurity, February 23, 2021

Cyber Warning

SHAREit Android File-Sharing App Security Flaw Exposes Users to Remote Code Execution and Sensitive Data Leaks: File-sharing app SHAREit has several security flaws exposing users to the risk of remote code execution and sensitive data leaks. Trend Micro disclosed the security flaw after auditing one of the most popular android file-sharing apps with over a billion downloads on the Google Play Store. CPO, February 25, 2021

How to protect yourself from common job search scams: A new FlexJobs survey reveals 14 of the most common–and successful–job-search scams. Here’s how to identify them and not become a victim. TechRepublic, February 24, 2021

Cyber Humor

Information Security Management for the Organization

Information Security Management

Ransomware: Beware of 13 Tactics, Tools and Procedures … Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. So, defenders would do well to have more effective defenses in place: Use Threat Hunting to Better Spot Attacks in Progress, Security Experts Recommend. BankInfoSecurity, February 26, 2021

16 Critical Things Every Business Leader Should Know About Ransomware: With more and more data being stored digitally or in the cloud, ransomware has become a rising issue in recent years. While most people have heard of ransomware, business leaders may not always be aware of factors that can contribute to higher risk. Forbes, February 25, 2021

4 Common Myths About Cyber Resilience: Active Directory recovery is a crucial — and often overlooked — part of any cybersecurity plan. GT, February 25, 2021

Compliance, Privacy, Security in a Work From Home (WFH) environment, oh my: The concept of working from home (WFH) is not a new concept. Prior to the vast spread of COVID-19 nearly 50% of U.S. businesses offered remote work schedules to employees. With today’s technology, it is relatively easy worldwide to work from anywhere as connecting to the internet isn’t a challenge. But trying to maintain compliance with regulation, security of systems, and privacy of data certainly is. CyberSecurity Hub, February 22, 2021

How a CISO’s Executive Role Has Changed: Ever since the role of the chief information security officer (CISO) was first created in 1994, the position has been treated like the pesky youngest sibling in the C-suite family. In the office, the CISO wasn’t given the same voice as the chief information officer (CIO) or other executives. During meetings of the board of directors, the CISO often wasn’t given a place at the table, and digital defense wasn’t treated as highly important for the business. SecurityIntelligence, February 22, 2021

Braced for Impact: Fostering Good Cloud Security Posture Management … Cloud Security Posture Management puts you on the right foot when it comes to understanding and organizing cloud security. See how it works here: Starting off on the right foot in digital defense today means having good Cloud Security Posture Management (CSPM). Although it can be challenging to adopt, this set of strategies and tools manages and orchestrates cloud security in ways other tactics don’t. It shows gaps might arise between organizations’ stated cloud defense policies, their actual posture or their overall defenses in the cloud. Let’s take a look at why this is important and how it can be used in the real world. SecurityIntelligence, February 18, 2021

Cyber Defense

Microsoft Releases Queries for SolarWinds Attack Detection: Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack. BankInfoSecurity, February 26, 2021

Cyber Warning

6,000 VMware vCenter Devices Vulnerable to Remote Attacks … VMware has issued recommendations for patching the flaw: Flaw Allows Unauthorized Users to Send Specially Crafted Requests. BankInfoSecurity, February 25, 2021

CISA releases joint cybersecurity advisory on exploitation of Accellion file transfer appliance: The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance. Security Magazine, February 25, 2021

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails: As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials. ThreatPost, February 24, 2021

Cybercriminals Target QuickBooks Databases: Stolen financial files then get sold on the Dark Web, researchers say. DarkReading, February 24 2021

61% of Malware Delivered via Cloud Apps … Researchers report the majority of malware is now delivered via cloud applications – a jump from 48% last year. Leading apps include Microsoft OneDrive, Amazon S3, and SharePoint: Researchers report the majority of malware is now delivered via cloud applications – a jump from 48% last year. DarkReading, February 24, 2021

Secure The Human

The Fault in Our Emails: Why Everyone Still Falls for Phishing Attacks: Phishing emails occupy a unique place in our society. Their concept is simple enough for anyone – from layperson to security expert – to understand. However, if you thought this simplicity would translate to easier, more universal phishing protection, nothing could be further from the truth. CPO, February 25, 2021

Cybersecurity in Society

Cyber Crime

Healthcare Cyber Attacks Rise by 55%, Over 26 Million in the U.S. Impacted: Given that health records have become a very valuable commodity, the industry has established issues with lax security, and the coronavirus has created a slew of new opportunities due to the rise in telemedicine, it’s not a surprise that there has been a significant increase in healthcare cyber attacks. The numbers revealed by a new Bitglass study are nevertheless eye-popping; an increase of over 55% in 2020, with an estimated impact to the protected health information (PHI) of some 26 million people in the United States. CPO, February 26, 2021

Dutch research funding agency, paralyzed by ransomware attack, refuses to pay up … Hackers seeking to extort Netherlands Organisation for Scientific Research release confidential documents: Hackers published a batch of internal documents from the Netherlands Organisation for Scientific Research (NWO) on the dark web yesterday, after the agency refused to pay up in a ransomware attack. The attack, which began on 8 February, has completely knocked out the agency’s grant application and review process and cut off NWO’s communication with applicants, grantees, and universities. Science Mag, February 25, 2021

How $100M in Jobless Claims Went to Inmates: The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That’s a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that trend, many states are now turning to a little-known private company called ID.me. This post examines some of what that company is seeing in its efforts to stymie unemployment fraud. KrebsOnSecurity, February 25, 2021

Finnish IT Giant Hit with Ransomware Cyberattack: TietoEVRY was forced to shut down services and infrastructure as the company continues to investigate the incident with relevant authorities. ThreatPost, February 23, 2021

The Cybersecurity 202: Cybercrime skyrocketed as workplaces went virtual in 2020, new report finds: Companies faced significantly more digital threats last year as the coronavirus pandemic forced a shift to remote work – and hackers are likely gearing up for even more attacks as many choose to keep workers home until the end of 2021, or in some cases permanently. The Washington Post, February 22, 2021

Cyber Privacy

The Problem with Treating Data as a Commodity: Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not a commodity. It is information. Any system of information rights­ — whether patents, copyrights, and other intellectual property, or privacy rights — ­presents some tension with strong interest in the free flow of information that is reflected by the First Amendment. Our personal information is in demand precisely because it has value to others and to society across a myriad of uses. Schneier on Security, February 26, 2021

Virginia is about to get a major California-style data privacy law: Virginia’s the first on deck since California’s CCPA in 2018, but more are coming. ars technica, February 11, 2021

National Cybersecurity

As ransomware inches from economic burden to national security threat, policies may follow: On Wednesday – just Wednesday – news stories emerged about an airplane maker, information technology giant and computer game company all having operations disrupted by ransomware. In the last year, such attacks have swept through every sector, affected schools, hospitals, critical infrastructure, transportation and governments. SC Magazine, February 25, 2021

Cyber Diplomacy Act aims to elevate America’s global cybersecurity standing: The new bill has bipartisan support to improve the US’s ability to prevent and respond to cyberattacks and correct missteps of the Trump administration. CSO, February 25, 2021

Our Dire Need for a National Cybersecurity Agency: As you are reading this, you are using the Internet and are at risk of a cyberattack. Our work, personal, and social lives mostly involves us viewing a phone, iPad, laptop, or computer screen on average at least seven hours a day. Even a routine visit to the doctor is vulnerable. Everyone is at risk of a cyberattack in some form. International Policy Digest, February 24, 2021

Ukraine says Russia hacked its document portal and planted malicious files: Ukraine says Russia also backed massive DDoS attack using never-before-seen methods. ars technica, February 24, 2021

Know Your Enemy

This chart shows the connections between cybercrime groups: CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other. ZDNet, February 25, 2021

Cyber Criminals Are Working Harder to Hide Their Stolen Bitcoin: Crypto criminals are increasingly looking for more ways to hide the flow of stolen funds, says a report. Decrypt, February 24, 2021

Cyber Freedom

China Persecutes Those Who Question ‘Heroes.’ A Sleuth Keeps Track. … An online spreadsheet with an anonymous minder tabulates Xi Jinping’s crackdown on speech: In China, don’t question the heroes. The New York Times, February 26, 2021

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge