Cybersecurity News of the Week, June 20, 2021

Individuals at Risk

Cyber Privacy

This Week in Database Leaks: Cognyte, CVS, Wegmans: Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers. DarkReading, June 18, 2021

Most health apps engage in unhealthy data‑harvesting habits: Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent WeLiveSecurity, June 17, 2021

Cyber Defense

Vishing: What is it and how do I avoid getting scammed?: How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business? WeLiveSecurity, June 14, 2021

Cyber Warning

Amazon Prime Day scams resurface for 2021: With this year’s Amazon Prime Day set for June 21-22, scammers are already touting “Early Prime Day Deals,” says Bolster. TechRepublic, June 17, 2021

Cyber Danger

Digital convenience leads to lax security habits among users, survey finds: A new IBM global report examining consumer behaviors finds an average of 15 new online accounts were created and 82% are reusing the same credentials some of the time. TechRepublic, June 16, 2021

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries: What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100GB TXT file that contains 8.4 billion entries of passwords, which have presumably been combined from previous data leaks and breaches. CyberNews, June 7, 2021

Cyber Misc

‘Oddball’ Malware Blocks Access to Pirated Software: Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads. ThreatPost, June 18, 2021

Cyber Humor

Information Security Management for the Organization

Information Security Management

4 Habits of Highly Effective Security Operators: These good habits can make all the difference in advancing careers for cybersecurity operators who spend their days putting out fires large and small. DarkReading, June 18, 2021

The Art and Strategy of Becoming More Cyber Resilient: In the military, the art of strategy is key. It teaches how to win a war through a series of battles, campaigns and tactics. In the cybersecurity world, we have been on the defensive side for as long as we can remember. We focus on frameworks and tactics such as Defense in Depth, the onion or defensive layer theory, and perimeter security. And that’s why threat actors still have control of the battlefield today. Instead, in order to become more cyber resilient, we need to take a leap into the offensive side, always thinking about our enemies’ strategies. SecurityIntelligence, June 17, 2021

The Hottest Cybersecurity Must-Reads for the Busy Security Practitioner: You’re busy. We get that. Let’s suppose you’re like most of your colleagues in security. In that case, it’s almost like Groundhog Day. It starts with chasing the latest threat and protecting your company or agency from attacks. It ends with you wondering where the last eight (or more) hours went. This leaves you little time to do what you really want to do — transform your work into an enabler of growth and innovation. Take a breath. We can help. SecurityIntelligence, June 16, 2021

The many ways a ransomware attack can hurt your organization: Loss of revenue, brand and reputation damage, employee layoffs and business closures were some of the effects of a ransomware attack, according to Cybereason. TechRepublic, June 16, 2021

The many ways a ransomware attack can hurt your organization: Loss of revenue, brand and reputation damage, employee layoffs and business closures were some of the effects of a ransomware attack, according to Cybereason. TechRepublic, June 16, 2021

Secure The Human

Why a Phishing Attack Is Still Profitable — And How To Stop One: As the business world continues to grapple with an expanding definition of new normal, the phishing attack remains a common tactic for attackers. Why are phishing attacks still happening? How can we prevent them? We spoke to a threat analyst who has the answers. SecurityIntelligence, June 16, 2021

Cyber Insurance

Ransomware claims are roiling an entire segment of insurance industry: The recent surge of ransomware attacks is upending the cyber-insurance industry, pushing up the requirements and cost of coverage just as more companies need it. SeattleTimes, June 17, 2021

Cybersecurity in Society

Cyber Crime

Carnival Cruise Cyber-Torpedoed by Cyberattack: This is the fourth time in a bit over a year that Carnival’s admitted to breaches, with two of them being ransomware attacks. ThreatPost, June 18, 2021

Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors: A DarkSide doppelganger mounts a fraud campaign aimed at extorting nearly $4 million from each target. ThreatPost, June 18, 2021

EA source code stolen by hacker claiming to sell it online: More organizations feel the pain as the ransomware scourge grows more pernicious. ars technica, June 10, 2021

Cyber Espionage

Sprawling cyber-espionage campaign linked to Chinese military unit: Cybersecurity experts have uncovered evidence that interconnects several multi-year and sprawling cyber-espionage campaigns to a Chinese military unit operating out of the city of Ürümqi in China’s western province of Xinjiang. TheRecord, June 16, 2021

Cyber Privacy

Colorado is the third state to pass a consumer-data privacy bill. Now what?: Yes, you can ask a company to delete your personal data. No, it doesn’t apply to all personal data. And yes, many companies in-and-out of Colorado must figure out how to manage this by July 2023. The Colorado Sun, June 17, 2021

Know Your Enemy

Inside a ransomware attack: how dark webs of cybercriminals collaborate to pull one off: In their Carbis Bay communique, the G7 announced their intention to work together to tackle ransomware groups. Days later, US president Joe Biden met with Russian president Vladimir Putin, where an extradition process to bring Russian cybercriminals to justice in the US was discussed. Putin reportedly agreed in principle, but insisted that extradition be reciprocal. Time will tell if an extradition treaty can be reached. But if it is, who exactly should extradited – and what for? The Conversation, June 18, 2021

How Does One Get Hired by a Top Cybercrime Gang?: The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. KrebsOnSecurity, June 15, 2021

National Cybersecurity

The Cybersecurity 202: Here are four cyber takeaways from the Biden-Putin summit: Expectations were set exceedingly low for President Biden making any progress on U.S.-Russia hacking tensions during his meeting yesterday with Vladimir Putin. And it seems Biden cleared that very low bar. The Washington Post, June 17, 2021

Poland says recent attacks on local politicians originated from Russia: The Polish government said that a recent wave of cyberattacks that have targeted the email accounts of local political figures originated from Russia. TheRecord, June 17, 2021

G7 calls on Russia to crack down on ransomware gangs: In light of the recent wave of high-profile ransomware attacks that have caused havoc in the US and Europe, the member states of the G7 group have called on Russia and other countries to crack down on ransomware gangs operating within their borders. TheRecord, June 14, 2021

Cyber Fine

First American Financial Pays Farcical $500K Fine: In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000. KrebsOnSecurity, June 18, 2021

Cyber Law

Senators Draft a Federal Breach Notification Bill: Bipartisan Legislation Would Require Notifying CISA Within 24 Hours of a Breach Discovery. BankInfoSecurity, June 18, 2021

Critical Infrastructure

50,000 security disasters waiting to happen: The problem of America’s water supplies: “If you could imagine a community center run by two old guys who are plumbers, that’s your average water plant,” one cybersecurity consultant said. NBC, June 17, 2021

Cyber Enforcement

Law Enforcement’s Cybercrime Honeypot Maneuvers Paying Off: Closing EncroChat and Sky, Plus Careful Word-of-Mouth Management, Drove Anom Uptake. BankInfoSecurity, June 18, 2021

In Ransomware Battle, Bitcoin May Actually Be an Ally: Webs of Criminality Are Recorded on Bitcoin’s Blockchain. BankInfoSecurity, June 17, 2021

Microsoft Disrupts Large-Scale, Cloud-Based BEC Campaign: Varied cloud infrastructure was used to phish email credentials, monitor for and forward finance-related messages and automate operations. ThreatPost, June 15, 2021

Ukrainian Police Nab Six Tied to CLOP Ransomware: Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOP’s victims this year alone include Stanford University Medical School, the University of California, and University of Maryland. KrebsOnSecurity, June 15, 2021

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge