Cybersecurity News of the Week, July 25, 2021

SecureTheVillage – Volunteers Needed for Golf Tournament

Golfer? Cybersecurity Pro? STV CyberLeader? We are looking for 10-15 people to join the STV Golf Committee for SecureTheVillage’s inaugural golf tournament on October 20, 2021 at Moorpark CC. The tournament will be part of our activities in support of Cybersecurity Awareness Month. The Golf Committee will consist of 10-15 people to help with marketing, logistics, setup, registration, administration, fundraising, etc. We are looking to fill these roles for the committee and have a successful inaugural tournament for the Village. To volunteer or for more information, email Board Member Jason Meshekow at jasonm@intouchis.com.

Individuals at Risk

Cyber Privacy

Venmo Takes Another Step Toward Privacy: As part of a larger redesign, the payment app Venmo has discontinued its public “global” feed. That means the Venmo app will no longer show you strangers’ transactions—or show strangers your transactions—all in one place. This is a big step in the right direction. But, as the redesigned app rolls out to users over the next few weeks, it’s unclear what Venmo’s defaults will be going forward. If Venmo and parent company PayPal are taking privacy seriously, the app should make privacy the default, not just an option still buried in the settings. EFF, July 21, 2021

Cyber Defense

One in 16 home wi-fi routers tested vulnerable to default password attacks: report – Comparitech … Change Your Router’s Password Now: Attackers can find and remotely access about one in 16 internet-connected home wi-fi routers using the manufacturer’s default admin password, a Comparitech study has found. Victims could be at risk of eavesdropping, malware, hijacking, and more. Comparitech, July 20, 2021

Cyber Warning

Scammers offer streaming services, giveaways and a fake cyber currency to cash in on the Olympic Games: Kaspersky’s analysis found that cybercriminals are getting extra creative with the latest campaigns designed to harvest credentials. TechRepublic, July 22, 2021

Cybercriminals may target 2020 Tokyo Olympics, FBI warns: Cybercriminals may target the popular event with ransomware, phishing, or DDoS attacks in a bid to increase their notoriety or make money. welivesecurity, July 21, 2021

Information Security Management for the Organization

Information Security Management

Kaseya Obtains Universal Decryptor for REvil Ransomware: The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it’s unclear if the ransom was paid. ThreatPost, July 23, 2021

The 25 most dangerous software vulnerabilities to watch out for: MITRE releases its list of the most dangerous software weaknesses, detailing the most common vulnerabilities which can give cyber criminals the ability to access machines to steal data or cause crashes. ZDNet, July 23, 2021

Thriving in Chaos: How Cyber Resilience Works: In cybersecurity as in most jobs, problems don’t happen one at a time; you’re bound to have a few at once. Speakers at the RSA Conference 2021 talked about this in terms of maintaining cyber resilience in chaos. So, what does the buzzword ‘cyber resilience’ really mean? And why is it important to be able to embrace chaos in your day-to-day work? SecurityIntelligence, July 22, 2021

Cloud security in 2021: A business guide to essential tools and best practices: Cloud applications have proved useful to enabling remote work. But cloud computing brings its own security risks. ZDNet, July 22, 2021

Beyond Ransomware: Four Threats Facing Companies Today: The recent DarkSide attack makes it clear: no system is safe from ransomware. And while the attackers say they weren’t out to hurt anyone, only to make money, the impact is the same. It could lead to potential disruptions of critical services across the country. At the same time, it stokes fears that similar attacks could happen more often in the future. SecurityIntelligence, July 21, 2021

Don’t Wanna Pay Ransom Gangs? Test Your Backups: Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups. But the ugly truth is there are many non-obvious reasons why victims end up paying even when they have done nearly everything right from a data backup perspective. KrebsOnSecurity, July 19, 2021

Cybersecurity in Society

Cyber Crime

Saudi Aramco confirms data leak after $50m cyber ransom demand: World’s largest oil producer says some company files were compromised. Financial Times, July 21, 2021

Cyber Surveillance — Pegasus

NSO’s Pegasus spyware: here’s what we know: The Pegasus Project reports that journalists, activists, and heads of state could have been infiltrated. The Verge, July 23, 2021

Spyware for sale: The booming trade in surveillance tech like Pegasus: Israel’s NSO Group is in the eye of a storm over its Pegasus spyware — but it is far from the only company helping governments with their covert surveillance operations. The Economic Times, July 22, 2021

Why Apple’s walled garden is no match for Pegasus spyware: Up for discussion in the Guardian tech newsletter: Spotlight on Apple security … shake-up in the video game market … online age verification … and space tourism. The Guardian, July 21, 2021

Pegasus Project Shows the Need for Real Device Security, Accountability, and Redress for Those Facing State-Sponsored Malware: People all around the world deserve the right to have a private conversation. Communication privacy is a human right, a civil liberty, and one of the centerpieces of a free society. And while we all deserve basic communications privacy, the journalists, NGO workers, and human rights and democracy activists among us are especially at risk, since they are often at odds with powerful governments. EFF, July 20, 2021

The Rise and Fall of NSO Group: He looked the journalist in the eyes, a serious expression on his face: “When I first heard there are accusations that our technology [had] been used on Jamal Khashoggi or on his relatives, I started an immediate check about it.” Forbidden Stories, July 19, 2021

Revealed: leak uncovers global abuse of cyber-surveillance weapon: Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests. The Guardian, July 18, 2021

Cyber Attack

Wiper malware targeting Japanese PCs discovered ahead of Tokyo Olympics opening: A Japanese security firm said it discovered an Olympics-themed malware sample that contains functionality to wipe files on infected systems and appears to be targeted at Japanese PCs. The Record, July 22, 2021

Pro-Trump MAGACOIN crypto launch marred by website data breach: Roughly 75 million MAGACOIN were created to support pro-Trump candidates in 2022. CoinTelegraph, July 22, 2021

Cyber Espionage

US Accuses China of Using Criminal Hackers in Cyber Espionage Operations: DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others. DarkReading, July 19, 2021

Cyber Privacy

This outed priest’s story is a warning for everyone about the need for data privacy laws: Your location data is for sale, and it can be used against you. Recode, July 21, 2021

Opinion | The Assault on Our Privacy Is Being Conducted in Private: “You have zero privacy anyway,” Scott McNealy, the chief executive of Sun Microsystems, infamously declared more than 20 years ago. “Get over it.” The New York Times, July 13, 2021

Know Your Enemy

The world’s top ransomware gangs have created a cybercrime “cartel”: Several of the largest Russian ransomware cybercriminal gangs have partnered up and are sharing hacking techniques, purloined data-breach information, malware code and technology infrastructure. CBS, July 22, 2021

Fraud Family phishing-as-a-service disrupted in the Netherlands: Dutch police have arrested two suspects this week who created and hosted phishing sites for other cybercrime groups as part of an online service they were calling The Fraud Family. The Record, July 22, 2021

How Deepfakes Are Powering a New Type of Cyber Crime: Making deepfakes is getting easier, and they’re more convincing than ever. Cybercriminals are using video and audio deepfakes to extort money from victims by adding a credible “fake authenticity” to their scams. CloudSavvy IT, July 22, 2021

National Cybersecurity

What China’s Vast New Cybersecurity Center Tells Us About Beijing’s Ambitions: The 15-square-mile campus in Wuhan will serve as school, research lab, incubator, and talent cultivator. DefenseOne, July 23, 2021

Constant but Camouflaged, Flurry of Cyberattacks Offers Glimpse of New Era: Once imagined as a new kind of warfare, government-linked hacking has instead become a widespread and perhaps permanent feature of the global order. The New York Times, July 20, 2021

To combat cyberattacks, the US government and businesses must work more closely … Opinion by Senator Angus King and Tom Fanning: As anyone who has watched the news the last few months can attest, the United States’ critical infrastructure continues to be unacceptably vulnerable to cyberattacks. In early May, Colonial Pipeline, responsible for delivering refined gasoline to much of the East coast, was shut down by a ransomware attack — leading to ’70s-era car lines from filling stations. Weeks later, JBS, one of the United States’ largest meat suppliers, suffered a similar fate — placing serious uncertainty in the international food supply chain. CNN, July 19, 2021

Cyber Law

States Weigh Bans on Ransomware Payoffs: Drivers fill their tanks in East Ridge, Tennessee, after a ransomware attack on the Colonial Pipeline sparked lines at gas stations and empty pumps in May. Some state legislators are trying to prohibit government agencies victimized in cyberattacks from paying ransom. PEW, July 23, 2021

Cyber Talent

Cybersecurity’s Sputnik Moment: The cyber crisis has emerged as the #1 threat to our national security. On top of chronic cyberwarfare from Russia’s GRU and SVR, China’s PLA units 61398 and 61486, and North Korea’s Bureau 121, America now faces tolerated if not sanctioned hacking and ransomware from Russian groups like DarkSide and REvil (i.e., Ransomware Evil) as well as a rogues’ gallery of cyber criminals. This week we learned that the recent massive breach of Microsoft Exchange was actually sponsored by the Chinese government (paying criminal groups). By targeting critical infrastructure like electricity, gasoline, food, hospitals, schools, and now businesses that make software installed at hundreds of thousands of companies, a single attack can victimize tens of millions of Americans. While there are no official cybercrime statistics, as of last month insurance claims were up 300% year-over-year. And in the past few weeks, cyber ransoms have exploded. Forbes, July 23, 2021

Cyber Enforcement

Serial Swatter Who Caused Death Gets Five Years in Prison: An 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today. KrebsOnSecurity, July 21, 2021
