This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.
Stan’s Top of the News
First a bit of good news as we learn Zelle has begun refunding money to cyber fraud victims. Kudos to Senator Warren and others in Congress for the pressure they put on Zelle. And kudos to we the people for keeping this a cause worth fighting.
- Zelle customers to get refunds for money lost in impostor scams, report says: Banks that participate in Zelle, a peer-to-peer payment service, have begun refunding money to victims of fraud amid pressure from lawmakers. … Since June 30, more than 2,000 financial firms have begun reversing transfers their customers made to scammers who impersonated officials from government agencies, banks or other service providers in so-called impostor scams, Zelle’s parent company, Early Warning Services (EWS), told Reuters.
Warning: The divide between the cyber-haves and cyber-nots will continue to grow as smaller organizations don’t have the resources to use AI against an AI-supported enemy.
- Cyber Experts Worry AI Could Create a World of Haves and Have-Nots: Companies without the resources to understand and use artificial intelligence face significant security challenges. … Cybersecurity experts discuss AI risks at the Aspen Institute’s Cyber Summit in New York. … Say the growing sophistication of artificial-intelligence systems could create a new poverty line for cyber, where companies that can afford to research and develop the technology end up better protected against hackers than those that cannot.
Small and Midsize Organizations. Take your security to the next level. As part of our LA Cybersecure initiative, SecureTheVillage has launched a Pilot Program to enable 50 small to midsize organizations to measurably improve their cybersecurity readiness. We’re looking for IT service providers / MSPs, small businesses, and nonprofits. The LA Cybersecure Pilot Program is funded by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program. Find out more and register now.
Family Protection Newsletter: Did you know we created the Family Protection Newsletter for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. Sign up or share with a friend! Click here to learn more and quickly add to your free subscription!
How Hackable Are You? Take our test. Find out how hackable you are and download our free updated 13-step guide.
- How Hackable Are You? Think your defenses are strong? Find out as SecureTheVillage tests you on five basics. Please take our short test as your answers will help you and guide us to improve community safety.
Upcoming events. Please join us.
- Los Angeles Cybersecurity Workforce Coalition: The monthly meeting of the workforce coalition, Tue, December 5, 1:00 pm – 2:00 pm PT.
- Eighth Annual Los Angeles Cyber Security Summit. Join SecureTheVillage on November 30 at the Beverly Hilton Hotel for the Cyber Security Summit, ranked as one of the “Top 50 Must-Attend Conferences” by DigitalGuardian. Keynote speakers are friends of SecureTheVillage: LA County CISO Jeffrey Aguilar and FBI Supervisory Special Agent Michael Sohn. I’m moderating “Panel 3 Cloud Security – Leveraging Its Strengths and Overcoming Its Vulnerabilities”. Register free with code STV23. Come say hello at the SecureTheVillage booth.
Cybersecurity Nonprofit of the Week … Open Cybersecurity Alliance
Kudos this week to the Open Cybersecurity Alliance (OCA). The Alliance works with other organizations to make sure cybersecurity tools work effectively with the other technology buried deep inside the Internet. That the Internet is as secure as it is owes a lot to OCA and their commitment to Internet security. We’re happy to spotlight OCA so our readers can better appreciate the work being done by nonprofits like OCA. Like SecureTheVillage, the Open Cybersecurity Alliance is a member of Nonprofit Cyber.
Live on Cyber with Dr. Stan Stahl – Live on LinkedIn and Your Favorite Podcast Platform
After the Hack: Fallout of a Small Business Cyber Attack: (Video) (Podcast): “It’s a brutal reality check,” says Dr. Stan. “Small businesses are especially vulnerable and the consequences can be crippling.” … Julie notes, “This story isn’t just alarming, it’s a wake-up call. Protecting your business online is not optional, it’s essential.” … Dive into a real-life cyber horror story in this episode of Live on Cyber. … Join Stan and Julie as they discuss the devastating impact a single cyberattack had on a small business, offering a stark warning to others. … Be part of the revolution, the movement, the solution. Subscribe to Live on Cyber with Stan Stahl, PhD and Julie Michelle Morris, your weekly 15-min update on the latest in privacy and information security affecting your business and community!
Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
Warn your sons. Please.
- Teen Boys Are Falling for a Snapchat Nude-Photo Scam. Here’s How to Avoid It.: The solicitation of images has evolved in recent years to include monetary shakedowns. … An online nude-photo scam is ensnaring thousands of teen boys and causing emotional trauma. … Scammers posing as teen girls befriend boys online, share nude photos of a girl and then ask for nude photos in return. Once the boy reciprocates, the schemer demands money be sent by a peer-to-peer payment app and threatens to share the boy’s photos with his social-media followers if he doesn’t pay.
Warn your parents. Please.
- How to talk to older people in your life about scams: In 2022, consumers lost $8.8 billion to scammers. And older adults lost the highest amount of money compared to other age groups, according to the Federal Trade Commission. … This summer, Daniel Goldstein’s 86-year-old mom got an email that looked like it was from her bank. She was alarmed because she hadn’t spent the money it mentioned, so she called a help number on the email. The person on the other end of the line asked for her bank account information and made her believe she would get her money back. Instead, she lost $600 to a scammer. … While everyone wants to protect their parents and grandparents from scammers, sometimes these conversations can be complicated to navigate. … “We encourage people to think in multigenerational approaches. Everyone is getting scammed, it’s just a different way that scammers go after you,” said Genevieve Waterman from the National Council on Aging.
Keep your computers patched and updated. #3 on our Top-5 protections. Take our How Hackable Are You? quiz and get our free updated 13-step guide.
- Microsoft Patch Tuesday, November 2023 Edition: Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities that Microsoft warns are already being exploited in active attacks.
Section 3 – Cybersecurity and Privacy News for the Cyber-Concerned.
The New York Times offers a story on the significance of the SEC’s lawsuit against SolarWinds and its CISO.
- The Cybersecurity Lawsuit That Boards Are Talking About: An S.E.C. lawsuit against a software company hacked by Russian state actors in 2020 could affect how companies handle cybersecurity risks. … The chief executive of SolarWinds, Sudhakar Ramakrishna, said an S.E.C. lawsuit against his company could make chief information security officers “more fearful.” … For the last month, an under-the-radar lawsuit has privately been a hot topic of conversation in Fortune 500 boardrooms and corporate security departments. … In October, the Securities and Exchange Commission sued a software company hacked by Russian agents in 2020, accusing it of defrauding investors by not disclosing allegedly known cybersecurity risks and vulnerabilities.
An investigation by CNN has discovered a massive disinformation campaign targeting critics of the Chinese Government.
- China is using the world’s largest known online disinformation operation to harass Americans, a CNN review finds: ‘Flooded with messages asking me to kill myself’: How the Chinese government is targeting US citizens … The Chinese government has built up the world’s largest known online disinformation operation and is using it to harass US residents, politicians, and businesses—at times threatening its targets with violence, a CNN review of court documents and public disclosures by social media companies has found.
New York continues as a leader in imposing cybersecurity rules on critical sectors, first finance and now hospitals. Kudos, New York.
- New York Plans Cyber Rules for Hospitals: String of hacks at medical facilities prompts focus on security. … The rules are similar to other state cybersecurity measures issued by Gov. Kathy Hochul’s administration. … New York regulators Monday announced plans to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. … Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such as multifactor authentication. Hospitals must also develop secure software design practices for in-house applications, and processes for testing the security of software from vendors.
The face of the enemy and the take-down of a botnet.
- Royal Ransom Demands Exceed $275M, Rebrand in Offing: The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago. … The Royal ransomware gang appears to be gearing up for a new spate of activity that potentially includes a rebrand or spinoff effort, as ransom demands by the fast-moving group since its initial activity in September 2022 have already exceeded $275 million, according to US federal authorities.
- CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping: The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest companies in the country through social engineering and other tactics.
- New Ransomware Group Emerges with Hive’s Source Code and Infrastructure: The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape.
- FBI takes down IPStorm malware botnet as hacker behind it pleads guilty: The FBI dismantled the IPStorm botnet proxy network and its infrastructure this week following a September plea deal with the hacker behind the operation. … The Justice Department said it took down the infrastructure associated with the IPStorm malware — which experts said infected thousands of Linux, Mac, and Android devices across Asia, Europe, North America and South America.
In a new ransomware twist designed to tighten the noose on victims, a ransomware gang notified the SEC that one of its victims failed to disclose the breach to regulators.
- Ransomware gang files SEC complaint over victim’s undisclosed breach: The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack.
In other cybercrime news this week.
- PJ&A says cyberattack exposed data of nearly 9 million patients: PJ&A (Perry Johnson & Associates) is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients, including Social Security numbers, insurance information, and medical details. PJ&A provides medical transcription services to healthcare organizations in the United States. … The company said the threat actors breached their network and had access between March 27 and May 2, 2023.
- Long Beach is latest California city facing cybersecurity incident: The city of Long Beach, California is facing a range of issues due to a cybersecurity incident that was discovered on Tuesday. … The office of the city manager released a statement on Wednesday saying officials within the government were investigating the issue alongside a cybersecurity firm and had contacted the FBI for assistance. Located about 30 minutes south of Los Angeles, the city is home to nearly half a million people.
- San Diego Tri-City Medical Center still recovering 5 days after cyber attack shut down emergency services: It’s been five days since Tri-City Medical Center was hit by a ransomware attack that shut down most of the hospital’s emergency services.
- ‘Sex life data’ stolen from UK government among record number of ransomware attacks: Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year.
- Samsung says hackers accessed customer data during year-long breach: Samsung has admitted that hackers accessed the personal data of U.K.-based customers during a year-long breach of its systems.
Section 4 – Managing Information Security and Privacy in Your Organization.
A poster child for how not to manage the security of your network. Please don’t let this happen to you:
- Inside Denmark’s hell week as critical infrastructure orgs faced cyberattacks: Danish critical infrastructure faced the biggest online attack in the country’s history in May. … In almost all cases unpatched vulnerabilities in Zyxel firewalls meant compromise was possible … “For many of our members this was a surprise,” SektorCERT said in the report [PDF]. “Many believed that because the firewall was relatively new, it must be assumed to have the latest software, while others mistakenly assumed that their vendor was responsible for the updates. … “Other members had deliberately opted out of the updates as there was a cost from the supplier to install them (the software itself is free). Still others simply did not know they had the devices in question in their network. Either because a supplier had installed them without telling them about it or because they did not have an overview of the devices that were connected to their network.”
IT / MSPs: Patch now as CISA adds to its Known Exploited Vulnerabilities catalog.
- CISA warns of actively exploited Windows, Sophos, and Oracle bugs: The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle.