Cybersecurity News of the Week, May 30, 2021

Individuals at Risk

Cyber Privacy

Amazon devices will soon automatically share your Internet with neighbors: If you use Alexa, Echo, or any other Amazon device, you have only 10 days to opt out of an experiment that leaves your personal privacy and security hanging in the balance. Ars Technica, May 29, 2021

Cyber Update

Trend Micro Bugs Threaten Home Network Security: The security vendor’s network management and threat protection station can open the door to code execution, DoS and potential PC takeovers. ThreatPost, May 25, 2021

Malware caught using a macOS zero-day to secretly take screenshots: Almost exactly a month ago, researchers revealed a notorious malware family was exploiting a never-before-seen vulnerability that let it bypass macOS security defenses and run unimpeded. Now, some of the same researchers say another malware can sneak onto macOS systems, thanks to another vulnerability. TechCrunch, May 24, 2021

Cyber Warning

BazaLoader Masquerades as Movie-Streaming Service: The website for “BravoMovies” features fake movie posters and a FAQ with a rigged Excel spreadsheet for “cancelling” the service, but all it downloads is malware. ThreatPost, May 26, 2021

Rom‑con: How romance fraud targets older people and how to avoid it: Online dating scams often follow the same script – here’s what senior citizens should watch out for and how their younger relatives can help them avoid falling victim. WeLiveSecurity, May 24, 2021


Amazon’s Ring is the largest civilian surveillance network the US has ever seen: One in 10 US police departments can now access videos from millions of privately owned home security cameras without a warrant. TheGuardian, May 18, 2021

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

8 steps to starting a cybersecurity virtuous cycle: In the face of an unprecedented and exponentially growing global cyberthreat matrix, there must be a call to arms to all businesses – big, medium and small – to build cyber-organizational resilience. WorldEconomicForum, May 26, 2021

Information Security Management

The Cybersecurity Ecosystem: How Did It Get So Crowded?: Peek inside any enterprise security operations center (SOC) today, and you’ll likely see a crowded and high-pressure cybersecurity ecosystem. Over the past few years, as technology evolved rapidly, attackers have developed a growing array of strategies and tactics. In response, security organizations have deployed more and more tools and point solutions, engaged with increasing numbers of vendors and service providers and collected ballooning volumes of data. SecurityIntelligence, May 26, 2021

Try These Best Practices to Counter Common Cybersecurity Risks: Since the beginning of the pandemic, ransomware and other cyber attacks have spiked. Meanwhile, millions of people have shifted from working in offices to working remotely. Organizations are increasingly relying on video conferencing, virtual private networks (VPNs) and remote desktop protocol admin tools. SecurityIntelligence, May 25, 2021

Biden executive order bets big on zero trust for the future of US cybersecurity: The United States federal government has validated, confirmed, and required zero trust. For the US government and its suppliers, this executive order represents massive change. TechRepublic, May 24, 2021

Cyber Talent

New ISACA Study Finds Cybersecurity Workforce Minimally Impacted by Pandemic, but Still Grappling with Persistent Hiring Challenges: Schaumburg, IL, USA – The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from the State of Cybersecurity 2021 Part 1 survey report from ISACA in partnership with HCL Technologies, the cybersecurity workforce has largely been unscathed, though all-too-familiar challenges in hiring and retention continue at levels similar to years past. ISACA, May 4, 2021

Cyber Insurance

How Are Cyber Insurance Companies Assessing Ransomware Risk?: From limiting claims payments to tying payments to policyholders’ actions, the cyber insurance industry is in “a very dynamic place right now,” says Corvus Insurance CEO Phil Edmundson. DarkReading, May 26, 2021

Cybersecurity in Society

Cyber Crime

Fujitsu SaaS Hack Sends Govt. of Japan Scrambling: Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities. ThreatPost, May 27, 2021

Scripps CEO says attack was ransomware: President and CEO Chris Van Gorder said in a statement that he anticipates restoration of the system’s electronic health record this week. HealthcareITNews, May 26, 2021

The Colonial Pipeline Ransomware Hackers Had a Secret Weapon: Self-Promoting Cybersecurity Firms: Five months before DarkSide attacked the Colonial pipeline, two researchers discovered a way to rescue its ransomware victims. Then an antivirus company’s announcement alerted the hackers. ProPublica, May 24, 2021

Audio maker Bose discloses data breach after ransomware attack: Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company’s systems in early March. BleepingComputer, May 24, 2021

Cyber Attack

What We Know About The Apparent Russian Hack Exploiting A U.S. Aid Agency: The same Russian hackers who carried out the SolarWinds attack and other malicious campaigns have now attacked groups involved in international development, human rights and other issues, according to Microsoft. The company said the breach began with a takeover of an email marketing account used by the U.S. Agency for International Development. NPR, May 28, 2021

A Never-Before-Seen Wiper Malware Is Hitting Israeli Targets: The malicious code, which masquerades as ransomware, appears to come from a hacking group with ties to Iran. Wired, May 27, 2021

Cyber Espionage

Belgium uproots cyber-espionage campaign with suspected ties to China: A Belgian government ministry said this week that it was the victim of a cyber-espionage campaign that began two years ago, one that has apparent links to Beijing. CyberScoop, May 26, 2021

Know Your Enemy

Secret Chats Show How Cybergang Became a Ransomware Powerhouse: As the ransomware industry exploded, a Russian-speaking outfit called DarkSide offered would-be computer crooks not just the tools, but also customer support. We got an inside look. The New York Times, May 30, 2021

‘Privateer’ Threat Actors Emerge from Cybercrime Swamp: ‘Privateers’ aren’t necessarily state-sponsored, but they have some form of government protection while promoting their own financially-motivated criminal agenda, according to Cisco Talos. ThreatPost, May 26, 2021

A Peek Inside the Underground Ransomware Economy: Threat hunters weigh in on the business of ransomware, the complex relationships between cybercriminals, and how they work together and hawk their wares on the Dark Web. ThreatPost, May 26, 2021

Ryuk Ransomware Operators Shift Tactics to Target Victims: The Ryuk ransomware operators continue to target critical infrastructure and extract high ransom payments from vulnerable groups, including an attack on a large health care organization last year. SecurityIntelligence, May 26, 2021

How Hydra, a Russian dark net market, made more than $1 billion in 2020: Russian-speaking dark web bazaar Hydra has dominated the illicit marketplace since 2018, thanks in part to the demise of a rival business as well as its imposition of restrictive policies on sellers, according to research published Tuesday. CyberScoop, May 25, 2021

National Cybersecurity — Critical Infrastructure

Pipeline Companies Will Have To Report Cyberattacks To The Government: For the first time, the Department of Homeland Security has decided it needs to regulate cybersecurity in the pipeline industry. It’s expected to require such key infrastructure companies to report cyber incidents to the federal government. NPR, May 26, 2021

Russia’s Hacking Success Shows How Vulnerable the Cloud Is. … The cloud is everywhere. It’s critical to computing. And it’s under attack. … Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and U.S. federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems to then access cloud accounts and pilfer emails and files. Bruce Schneier and Trey Herr, Foreign Policy, May 24, 2021


Russia, Iran were top two sources of disinfo on Facebook targeting U.S. during Trump admin, says report: Facebook says it shut down 150 networks of fake accounts since 2017 — foreign disinfo efforts aimed at Americans and others created by domestic extremists. NBC, May 26, 2021

Cyber Enforcement

Boss of ATM Skimming Syndicate Arrested in Mexico: Florian “The Shark” Tudor, the alleged ringleader of a prolific ATM skimming gang that siphoned hundreds of millions of dollars from bank accounts of tourists visiting Mexico over the last eight years, was arrested in Mexico City on Thursday in response to an extradition warrant from a Romanian court. KrebsOnSecurity, May 28, 2021

Russian operator of stolen credential marketplace sentenced to 30 months: A Russian computer security researcher was sentenced by a federal judge in California to two-and-a-half years in prison Monday for his role in administering, a sprawling online marketplace for selling stolen account credentials, credit card information, and hacked accounts. The Record, May 25, 2021

A dealer moved cocaine, heroin around the U.K. A photo showing his ‘love of Stilton cheese’ brought him down: Carl Stewart was so excited when he spotted a block of blue Stilton at an upscale British grocery store that he shared a picture of the rich and creamy cheese in the palm of his hand on an encrypted messaging app largely used by drug dealers. WashingtonPost, May 24, 2021

Cyber Research

Super-Secure Processor Thwarts Hackers by Turning a Computer Into a Puzzle: We have developed and tested a secure new computer processor that thwarts hackers by randomly changing its underlying structure, thus making it virtually impossible to hack. ScienceAlert, May 22, 2021
