Cybersecurity News of the Week, November 14, 2021

Individuals at Risk

Cyber Privacy

Robinhood hack put 7 million users at risk — personal data stolen: Robinhood confirms hackers didn’t expose financial information. Laptop Mag, November 10, 2021

Cyber Defense

Op-Ed: What a house cat can teach us about cybersecurity: The news today often contains reports about cybersecurity breaches that steal our data or threaten our national security. The nation spends billions of dollars on cybersecurity measures, and yet we seem unable to get ahead of this problem. Why are our computers so hard to protect? The Los Angeles Times, November 7, 2021

Cyber Update

Microsoft Patch Tuesday, November 2021 Edition: Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today — potentially giving adversaries a head start in figuring out how to exploit them. KrebsOnSecurity, November 9, 2021

Cyber Warning

SMS About Bank Fraud as a Pretext for Voice Phishing: Most of us have probably heard the term “smishing” — which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text. KrebsOnSecurity, November 10, 2021

Cyber Surveillance

New Android Spyware Poses Pegasus-Like Threat: PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps. ThreatPost, November 10, 2021

Microsoft will now snitch on you at work like never before: You think there are limits to what your employer can see you do online? Some new Microsoft updates may make you think a little more about that. ZDNet, November 7, 2021

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

SolarWinds investors allege board knew about cyber risks: Nov 5 (Reuters) – SolarWinds Corp (SWI.N) investors have sued the software company’s directors, alleging they knew about and failed to monitor cybersecurity risks to the company ahead of a breach that created a vulnerability in thousands of its customers’ systems. Reuters, November 5, 2021

Cyber Warning

Tiny Font Size Fools Email Filters in BEC Phishing: The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials. ThreatPost, November 11, 2021

Cyber Update

Massive Zero-Day Hole Found in Palo Alto Security Appliances: UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls. ThreatPost, November 10, 2021

Cyber Insurance

Top 20 Cyber Insurers in U.S. Including Loss Ratios: NAIC: The cyber insurance market in the U.S. grew to roughly $4.1 billion in direct written premiums in 2020, an increase of 29.1% from the prior year, reports the National Association of Insurance Commissioners (NAIC). Insurance Journal, November 9, 2021

Cybersecurity in Society

Cyber Crime

Comic distributor warns of more delays as ransomware attack persists: A ransomware attack on the comic distribution chain continues to cause ripples. Newsarama, November 11, 2021

MediaMarkt hit by Hive ransomware, initial $240 million ransom: Electronics retail giant MediaMarkt has suffered a Hive ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in the Netherlands and Germany. BleepingComputer, November 8, 2021

DDoS Attacks Shatter Records in Q3, Report Finds: Q3 DDoS attacks topped thousands daily, with more growth expected. ThreatPost, November 8, 2021

Cyber Surveillance

Contract lawyers face a growing invasion of surveillance programs that monitor their work: The attorneys worry that if law firms, traditionally the defenders of workers’ rights, are turning to the programs, why wouldn’t every other business? The Washington Post, November 11, 2021

NSO spyware found on 6 Palestinian activists’ phones, report finds: Spyware from the Israeli intelligence company NSO Group was found on the cellphones of six Palestinian human rights activists, Front Line Defenders, an Ireland-based rights group, said in a report Monday. AXIOS, November 8, 2021

Know Your Enemy

All cyberthreats now part of a connected ransomware delivery system: The gravitational force of ransomware’s black hole is pulling in other cyberthreats to form one massive, interconnected ransomware delivery system – with significant implications for IT security. IT-Online, November 11, 2021

Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months: A Russian-speaking hacker-for-hire group has been quietly spying on thousands of individuals and organizations worldwide and selling highly private information about them to various customers, motivated by financial gain and by politically driven agendas. DarkReading, November 10, 2021

BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups: A previously undocumented initial access broker has been unmasked as providing entry points to three different threat actors for mounting intrusions that range from financially motivated ransomware attacks to phishing campaigns. The Hacker News, November 8, 2021

National Cybersecurity

U.S. joins global cybersecurity partnership ignored by Trump: The U.S. is now part of an international agreement on cybersecurity that the Trump administration declined to sign up for, Vice President Kamala Harris announced in Paris Wednesday. AXIOS, November 11, 2021

83% of Critical Infrastructure Organizations Suffered Breaches, 2021 Cybersecurity Research Reveals: A new research study by Skybox Security found that 83% of organizations suffered an operational technology (OT) cybersecurity breach in the prior 36 months. The research also uncovered that organizations underestimate the risk of a cyberattack, with 73% of CIOs and CISOs “highly confident” their organizations will not suffer an OT breach in the next year. DarkReading, November 9, 2021

New strategic direction for CMMC 2.0 announced: The Department of Defense announced the strategic direction of the Cybersecurity Maturity Model Certification (CMMC) program, marking the completion of an internal program assessment led by senior leaders across the Department. SecurityMagazine, November 8, 2021

Cyber Obituary

Alan Paller, Cyber Security Industry Titan and SANS Institute Founder, Passes Away: November 11, 2021 – It is with deep sadness that SANS Institute (SANS) announces that SANS founder Alan Paller, 76, passed away on November 9. … Mr. Paller was a pioneer in the cybersecurity industry, championing the need for greater education and knowledge for practitioners. His combination of passion, intellect, and ethical rigor was instrumental in bringing more skilled people into the profession. He founded SANS, a professional cybersecurity training organization that trains more than 40,000 cybersecurity technologists each year, in 1989. He was also President Emeritus of SANS Technology Institute, the nation’s first regionally accredited specialized cybersecurity college and graduate school.

Cyber Misc

These Parents Built a School App. Then the City Called the Cops: Stockholm’s official app was a disaster. So annoyed parents built their own open source version—ignoring warnings that it might be illegal. Wired, November 4, 2021

Cyber Enforcement

“King of fraud” sentenced to 10 years in prison for role in Methbot/3ve botnet: A US judge sentenced a Russian national to 10 years in prison for running Methbot, a giant ad fraud botnet that stole more than $7 million from ad publishers and ad networks between 2014 and 2018. TheRecord, November 11, 2021

Mexico makes first arrest in Pegasus spying scandal: MEXICO CITY — Mexican authorities have made their first arrest in the global spy scandal surrounding the malware Pegasus, jailing a technician who worked for a private firm on allegations he was involved in illegally tapping the phone of a broadcast journalist. The Washington Post, November 9, 2021

REvil Ransom Arrest, $6M Seizure, and $10M Reward: The U.S. Department of Justice today announced the arrest of a Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the U.S. Department of State is now offering up to $10 million for the name or location of any key REvil leaders, and up to $5 million for information on REvil affiliates. KrebsOnSecurity, November 8, 2021

FIVE AFFILIATES TO SODINOKIBI/REVIL UNPLUGGED: Suspected of about 7 000 infections, the arrested affiliates asked for more than 200 million euros in ransom. Europol, November 8, 2021

U.S. offers $10 million reward in hunt for DarkSide cybercrime group: Nov 4 (Reuters) – The U.S. State Department on Thursday announced a reward of up to $10 million for information leading to the identification or location of anyone with a key leadership position in DarkSide, a cybercrime organization the FBI has said is based in Russia. Reuters, November 4, 2021
