This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.
Stan’s Top of the News
Might this be the straw that breaks the proverbial camel’s back? The tipping point? Please Ms. Swift. Point your Swifties towards Congress. Help us push meaningful privacy reform with strong penalties for deep fakes over the goal line. Please.
- Fake explicit Taylor Swift images: White House is ‘alarmed’: Millions came across fake sexually explicit AI-generated images of Taylor Swift on social media this week, underscoring for many the need to regulate potential nefarious uses of AI technology. … The White House Press Secretary told ABC News Friday they are “alarmed” by what happened to Swift online and that Congress “should take legislative action.” … “We are alarmed by the reports of the…circulation of images that you just laid out – of false images to be more exact, and it is alarming,” White House Press Secretary Karine Jean-Pierre told ABC News White House Correspondent Karen L. Travers. … Just last week, Rep. Joe Morelle renewed a push to pass a bill that would make nonconsensual sharing of digitally-altered explicit images a federal crime, with jail time and fines. … “We’re certainly hopeful the Taylor Swift news will help spark momentum and grow support for our bill, which as you know, would address her exact situation with both criminal and civil penalties,” a spokesperson for Morelle told ABC News.
Small and Midsize Organizations. Take your security to the next level. Apply Now! If you’re a small business, nonprofit, or IT / MSP in the greater Los Angeles area, apply NOW for LA Cybersecure, a pilot program with coaching and guidance that costs less than two cups of coffee a week. https://securethevillage.org/la-cybersecure-pilot/ The LA Cybersecure Pilot Program is funded by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.
Family Protection Newsletter: Did you know we created the Family Protection Newsletter for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. Sign up or share with a friend! Click here to learn more and quickly add to your free subscription!
How Hackable Are You? Take our test. Find out how hackable you are and download our free updated 13-step guide.
- How Hackable Are You? Think your defenses are strong? Find out as SecureTheVillage tests you on five basics. Please take our short test as your answers will help you and guide us to improve community safety.
Upcoming events. Please join us.
- Los Angeles Cybersecurity Workforce Coalition: The monthly meeting of the workforce coalition, Tue, February 6, 1:00 pm – 2:00 pm PT. The LA Cybersecurity Workforce Coalition is for employers, educators, government, nonprofits, and others with a professional interest in the cybersecurity workforce challenge.
Please Support SecureTheVillage.
- We need your help if we’re to build a world of CyberGuardians. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village.™
Cybersecurity Nonprofit of the Week … The Global Anti-Scam Alliance
Our kudos this week to the Global Anti-Scam Alliance. Their mission is to create a world where people worldwide are safe from the financial and emotional trauma caused by online scams, and to protect consumers worldwide from scams. GASA realizes its mission by raising awareness, enabling hands-on tools for consumers and law enforcement, facilitating knowledge sharing, organizing research, supporting the development of (legal) best practices, and offering training and education. Like SecureTheVillage, the Global Anti-Scam Alliance is a fellow member of Nonprofit Cyber.
Live on Cyber with Dr. Stan Stahl – Live on LinkedIn and Your Favorite Podcast Platform
Distrust and caution (Video) (Podcast): Benjamin Franklin said, “Distrust and caution are the parents of security.” Businesses, people need to flex their distrust. Distrust email. Distrust text messages. Distrust ads on Facebook. Caution always. Question everything. … Join Julie and Stan as they discuss the devastating – even deadly – consequences of cyber scams. … Want to join the fight for online safety? Learn how LA Cybersecure is helping: https://securethevillage.org/la-cybersecure-pilot/. … Subscribe to Live on Cyber with Stan Stahl, PhD and Julie Michelle Morris, your weekly 15-min update on the latest in privacy and information security affecting our businesses and the communities we live in!
Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
This follows last week’s sad story of a teenager who committed suicide. Please talk to your children. And please ask your friends to talk to their children.
- Sextortion training materials found on TikTok, Instagram, Snapchat and YouTube, according to new report: A form of cybercrime called “financial sextortion” is rapidly rising in North America and Australia, with a major portion driven by a non-organized cybercriminal group in West Africa who call themselves “Yahoo Boys,” according to a new study from the Network Contagion Research Institute (NCRI). … Sextortion is “a crime that involves adults coercing kids and teens into sending explicit images online,” according to the FBI. The criminals threaten their victims with wide distribution of the explicit images, including to the victims’ friends and family, unless the victims pay them, repeatedly, through a variety of peer-to-peer payment apps, cryptocurrency transfers and gift cards.
Warning: A cache of 26 billion stolen records has been found. Higher risk of identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.
- Mother of all breaches reveals 26 billion records: what we know so far: The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.
More people are having their iPhones stolen. With the phone goes sensitive information. Often the ability to get into your bank. Take advantage of Apple’s easy-to-implement defense.
- Stolen Device Protection on iOS 17.3: Here’s What the New Feature Secures: Apple recommends everyone turn this feature on. … On Monday Apple released iOS 17.3, which brought some bug fixes and a few new features. The update also introduces a new security feature called Stolen Device Protection, which aims to protect your data if your iPhone is stolen or falls into nefarious hands. … According to Apple, Stolen Device Protection can help protect your accounts and personal information in case your iPhone is stolen. This is an optional feature, but Apple recommends everyone turn it on.
Section 3 – Cybersecurity and Privacy News for the Cyber-Concerned.
Cyber-attacks on water systems continue in the news. Here and in the UK. Including supply chain attacks. More federal guidance as well.
- US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities: CISA, FBI and EPA document aims to help water and wastewater organizations improve their cyber resilience and incident response. … Released in response to an increased interest by financially and politically motivated threat actors in the United States’ WWS sector, the guide outlines how water utility owners and operators can interact with federal partners to prepare for, mitigate, and respond to incidents.
- Water facility operator says ransomware attack affected North America division: One of the world’s biggest operators of water and wastewater systems dealt with a ransomware attack last week that affected its operations in North America. … Veolia is an international firm that specializes in creating water, waste and energy management systems. The company reports about $5 billion in yearly sales in the United States and operates 8,500 water and wastewater facilities around the world, as well as in all 50 U.S. states.
- Southern Water confirms cyber attack after Black Basta claims: UK utility Southern Water, which serves customers in East Sussex, Hampshire, the Isle of Wight, Kent and West Sussex, has confirmed it is probing a major cyber incident after the Black Basta ransomware syndicate claimed to have accessed its systems.
Our local governments are bleeding tax dollars dealing with ransomware attacks. It’s not that we don’t know what to do. It’s that we lack the will. What will it take?
- Local governments in Colorado, Pennsylvania and Missouri dealing with ransomware: Multiple local governments are dealing with cyberattacks, including ransomware incidents, this week, causing outages and problems for county hospitals, libraries and other local services. … Bucks County, Pennsylvania — home to nearly 650,000 people — said on Wednesday that it is still grappling with a cybersecurity incident that has knocked out the Emergency Communications’ Department’s computer-aided dispatch (CAD) system. … The Kansas City Area Transportation Authority (KCATA) said it was hit with ransomware on Tuesday, prompting them to contact the FBI and other law enforcement agencies. … Ransomware was also the culprit behind a cyberattack on Douglas County Libraries in Colorado. … A spokesperson for the library told Recorded Future News that they experienced “temporary catalog and service outages” due to a ransomware attack that was initially discovered on January 14.
Two swatting stories this week are likely harbingers of more attacks ahead. It’s just too easy for anyone anywhere to call the police, saying they hear gunshots or something …
- US Presidential Candidate Nikki Haley Recent Target Of ‘Swatting’ Attack: Swatting is the act of contacting police with a false report of an emergency. … The South Carolina home of Republican presidential candidate Nikki Haley was the target of a “swatting” incident at the end of last month, a new report has said. According to Reuters, a man claimed to have shot a woman and threatened to harm himself at Ms. Haley’s home in Kiawah Island on December 30. Ms Haley, who previously served as South Carolina’s governor, and her family were not home at the time of the call. It was later deemed as a fake emergency. The case remains under investigation.
- CISA’s Easterly the target of ‘harrowing’ swatting incident: Cybersecurity and Infrastructure Security Agency Director Jen Easterly’s home was swatted late last month, another incident in what has become a nationwide trend targeting state and federal government officials.
SIM swap attacks are becoming more common. The culprit is the incredible ease with which miscreants can deceive telecom carriers into giving over a device. One more hole in our Swiss Cheese of cyber-protections. One more reason for strong enforceable regulations protecting we the people.
- SEC blames ‘SIM swap’ attack for compromising X account ahead of ETF approval: The Securities and Exchange Commission said Monday that a “SIM swap” attack was responsible for an unauthorized social media post that triggered market chaos and erased billions of market value in just minutes. … The Jan. 9 post on X, formerly known as Twitter, stated that the SEC had granted money managers the approval to launch spot bitcoin exchange-traded funds, even though it hadn’t. The final approval for those ETFs came roughly 24 hours later. … The confusion that followed the fake post attracted new scrutiny to the SEC, a longtime foe of the cryptocurrency industry that is still in the middle of a widespread crackdown on some of crypto’s major players. … The SEC on Monday offered more details about how this hack happened. It said an “unauthorized party” obtained the SEC cell phone number associated with the account on X in what the agency is calling “an apparent ‘SIM swap’ attack.” … To pull off such an attack, hackers need to know how mobile wireless carriers authenticate a customer’s identity and some portion of information about their victims. Often, this only requires a phone number and address. … The SEC said access to the phone number “occurred via the telecom carrier, not via SEC systems” and that it has “not identified any evidence that the unauthorized party gained access to SEC systems, data, devices, or other social media accounts.”
As the UN begins final negotiations on a Russian-backed cybercrime treaty, U.S. Government calls treaty unnecessary. EFF and other organizations sound alarm.
- Civil Society Sounds Alarms on UN Cybercrime Treaty: Final Round of Negotiations Set to Begin on Monday. … Civil society is warning that a draft United Nations cybercrime treaty would be counterproductive. … A draft international cybercrime treaty set to enter a final round of negotiations at the United Nations Monday drew condemnation from civil society groups that said it will criminalize security research and promote indiscriminate police surveillance. … U.N. members have been working on an international cybercrime treaty following the surprise outcome of a 2019 General Assembly vote authorizing negotiations. Critics, including the U.S. government, said the Russia-backed proposal was unnecessary given the existence of more than five dozen signatories to the long-standing Convention on Cybercrime, more commonly known as the Budapest Convention. … The proposal is set to be finalized in February, and more than 100 civil society organizations criticized its language, arguing that it will be counterproductive in the fight against cybercrime.
Several cybercrime stories this week, including complementary reports from Microsoft and Hewlett Packard about Russian attacks on their systems.
- Microsoft says Russian hackers also targeted other organizations: On Friday, Microsoft revealed that it had been the victim of a hack carried out by Russian government spies. Now, a week later, the technology giant said that it was not the only target of the espionage operation. … In a new blog post, Microsoft said that “the same actor has been targeting other organizations and, as part of our usual notification processes, we have begun notifying these targeted organizations.”
- Hewlett Packard Enterprise tells SEC it was breached by Russia’s ‘Cozy Bear’ hackers: Hackers with suspected ties to the Russian government gained access to the technology manufacturer Hewlett Packard Enterprise Co.’s (HPE) cloud-based email environment, the company said Wednesday. … In a filing with SEC regulators on Wednesday afternoon, HPE said it was notified on December 12 that hackers connected to Cozy Bear, also known as Midnight Blizzard, had breached its network and spent months exfiltrating data. The company did not respond to requests for comment about who notified them of the incident.
- EquiLend, a Securities Lending Platform, Hit by Cyberattack: EquiLend Holdings, a financial technology company at the center of the securities-lending market, said hackers took several of its systems offline this week, and added that restoring them may take days. … In a statement, the company said its systems were knocked out by a “technical issue” on Monday, and an investigation later determined a cyberattack was the cause.
- The LockBit ransomware gang claims to have hacked fast food restaurant franchise Subway: Subway IP LLC is an American multinational fast-food restaurant franchise that specializes in submarine sandwiches (subs), wraps, salads, and drinks. … The Lockbit ransomware group added Subway to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 02, 2024. The group claims to have stolen hundreds of gigabytes of sensitive data. The gang said that stolen data includes employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers, and more.
Section 4 – Managing Information Security and Privacy in Your Organization.
Important stats from the Better Business Bureau.
- BBB Business Tip: Nine data privacy stats small businesses should know: As a business owner, protecting your company and your clients’ data is a huge concern. With data breaches on the rise, it’s clear that hackers are constantly on the lookout for opportunities to steal sensitive information. On the flip side, consumers, eager to avoid data breaches, are becoming more selective about who they trust with their personal information and business in general. … Even if you prioritize protecting your clients’ data, you could still be vulnerable to an attack. Keeping an eye on the latest data privacy news and statistics can help you identify ways to protect yourself and your customers. Even if you don’t have the security budget of a Fortune 500 company, there are plenty of steps you can take to secure your organization’s data.
For IT. Using GoAnywhere MFT? Patch it immediately.
- Patch Your GoAnywhere MFT Immediately – Critical Flaw Lets Anyone Be Admin: A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user.