Cybersecurity News of the Week, November 28, 2021

Individuals at Risk

Cyber Privacy

Apple iOS privacy settings to change now: How to make your iPhone and iPad as private as possible. The Washington Post, November 26, 2021

Amazon wages secret war on Americans’ privacy, documents show: Inc has amassed a vast amount of sensitive personal information on its customers. Internal documents reveal how a former aide to Joe Biden helped the tech giant build a lobbying juggernaut that has gutted legislation in two dozen states seeking to give consumers more control over their data. Reuters, November 19, 2021

Cyber Defense

Too Many Data Breach Victims Respond by Doing Nothing: Some survey respondents thought the breached company would take care of everything—but they can’t get the personal data genie back in the bottle. PC Magazine, November 22, 2021

Cyber Warning

Holiday Scams Drive SMS Phishing Attacks: As the holidays approach, the volume of short message service (SMS) phishing has almost doubled from the same period in the prior year, continuing a trend of SMS-text phishing growing as a vector to attack mobile users and their devices, messaging-security firm Proofpoint stated in a blog post on Nov. 23. DarkReading, November 23, 2021

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back: One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle, a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it. KrebsOnSecurity, November 19, 2021

Social Media

Facebook’s race-blind practices around hate speech came at the expense of Black users, new documents show: Researchers proposed a fix to the biased algorithm, but one internal document predicted pushback from ‘conservative partners’ The Washington Post, November 21, 2021

Facebook’s Algorithm Is Broken. We Collected Some Suggestions On How To Fix It: Facebook’s algorithm1 is its superpower — and its kryptonite. Yes, it leads to higher engagement that earns the company billions of dollars, but it’s also tied to some of the company’s biggest scandals. Last month, when the Facebook Papers — a trove of leaked corporate documents provided to reporters and Congress — were released, a mountain of news coverage blamed the algorithm for the spread of misinformation and divisive content, radicalizing users and failing to protect them from some of the most graphic content on the site. FiveThirtyEight, November 16, 2021

Cyber Misc

Owners Resort to Hacking Smart Treadmills After NordicTrack Locks Them Out: It’s natural to expect that if you buy something, you can do whatever you want with it. However, the complexity of laws around intellectual property has made that difficult. The right to repair movement is gaining steam with even Apple loosening restrictions on tinkering with your own hardware. NordicTrack is not so enlightened, though. After customers started installing their own apps on the company’s $4,000 X32i smart treadmill, it released a software update that locked them out. Owners aren’t happy. ExtremeTech, November 23, 2021

Cyber Humor

Information Security Management for the Organization

Information Security Management

Report: Zero-trust architecture is expected to increase cybersecurity efficacy by 144%: As 2022 quickly approaches, Symmetry Systems and Osterman Research have released a report detailing how organizations plan to deploy zero-trust architecture, with 53% of respondents citing high-profile ransomware attacks as their primary motivator. VentureBeat, November 26, 2021

Cyber Warning

Microsoft Exchange Server Flaws Now Exploited for BEC Attacks: Threat actors are using a couple of dangerous, new tactics to exploit the so-called ProxyShell set of vulnerabilities in on-premises Exchange Servers that Microsoft patched earlier this year — and were the targets of widespread attacks in July. DarkReading, November 18, 2021

Patch Now

Hackers breach corporate email servers to send spam to employees: A threat actor has hacked Microsoft Exchange email servers across the world in order to gain access to their internal messaging capabilities and send malicious emails to company customers and employees in the hopes of infecting them with malware. TheRecord, November 22, 2021

Cyber Insurance

Insurers run from ransomware cover as losses mount: LONDON, Nov 19 (Reuters) – Insurers have halved the amount of cyber cover they provide to customers after the pandemic and home-working drove a surge in ransomware attacks that left them smarting from hefty payouts. Reuters, November 19, 2021

Cybersecurity in Society

Cyber Crime

IKEA Under Ongoing Cybersecurity Assault As Criminal Hackers Relentlessly Hammer Its Email System: While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg, IKEA is trying to quell an ongoing cyberattack within its infrastructure. On Friday, it was discovered that cybercriminals were targeting IKEA employees with internal phishing attacks, using stolen reply-chain emails. Hot Hardware, November 27, 2021

GoDaddy Data Breach Extends to Managed WordPress Resellers: A recent GoDaddy data breach extended from the hosting provider to several sister companies that resell GoDaddy Managed WordPress, according to a third-party media report. MSSP Alert, November 25, 2021

Hackers used this software flaw to steal credit card details from thousands of online retailers: Hackers used flaw in popular e-commerce software. ZDNet, November 22, 2021

Cyber Surveillance

Apple alerts NSO phone hacking victims in Thailand, El Salvador and Uganda: Apple has sent threat notification alerts to victims of state-sponsored hackers in Thailand, El Salvador and Uganda, just hours after filing a lawsuit against Israeli spyware maker NSO Group. TechCrunch, November 24, 2021

Apple Sues Israeli Spyware Maker, Seeking to Block Its Access to iPhones: Apple accused NSO Group, the Israeli surveillance company, of “flagrant” violations of its software, as well as federal and state laws. The New York Times, November 23, 2021

Know Your Enemy

North Korean Hackers Caught Snooping on China’s Cyber Squad: North Korean hackers are under fierce pressure to raise revenue to fund regime goals. Now they’re trying to spy on Chinese security researchers to get better hacking tools. TheDailyBeast, November 22, 2021

Chinese Hackers Team Up With Russian Ransomware Gang To Launch US Cybersecurity Assault: Russian hackers are reaching out to Chinese threat actors in an attempt to share tips and collaborate on cyber attacks. This comes at a time where there has been an increase in activity of Mandarin and Chinese-speaking players on RAMP and other communities across the dark web. HotHardWare, November 18, 2021

National Cybersecurity

Israel and Iran Broaden Cyberwar to Attack Civilian Targets: Iranians couldn’t buy gas. Israelis found their intimate dating details posted online. The Iran-Israel shadow war is now hitting ordinary citizens. The New York Times, November 27, 2021

Why we must rebuild digital trust for a cyber-inclusive future: “If the lifeblood of the digital economy is data, its heart is digital trust”. That’s according to PwC’s inaugural Digital Trust Insights survey, which was published in 2018. This remains poignant in 2021 at a time when the world is experiencing a global backlash against technology and reduced public support for digitization. World Economic Forum, November 23, 2021

‘What’s at stake is obviously the security of our nation,’ NSA chief says of defending US from cyberattacks: Every day, foreign adversaries make millions of attempts to scan America’s military networks, Director of the National Security Agency and Commander of U.S. Cyber Command Gen. Paul Nakasone says, and there is incredible pressure to defend the nation from those adversaries. ABC, November 19, 2021

Cyber Warning

Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends: As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure. US CERT, November 22, 2021

Hack Back

Conti ransomware gang suffers security breach: The Conti ransomware group has suffered an embarrassing data breach after a security firm was able to identify the real IP address of one of its most sensitive servers and then gain console access to the affected system for more than a month. TheRecord, November 20, 2021

Financial Cybersecurity

US Banks Will Be Required to Report Cyberattacks Within 36 Hours: There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours. DarkReading, November 19, 2021

Cyber Enforcement

Interpol arrests over 1,000 suspects linked to cyber crime: Interpol has coordinated the arrest of 1,003 individuals linked to various cyber-crimes such as romance scams, investment frauds, online money laundering, and illegal online gambling. BleepingComputer, November 26, 2021

$3.5B Worth of Crypto Seized by the IRS Cybercrime Unit in 2021: The Cybercrime Unit of the United States Internal Revenue Service (IRS) reported that 93% of all seizures made in 2021 involved cryptocurrencies. CryptoPotato, November 23, 2021

Arrest in ‘Ransom Your Employer’ Email Scheme: In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer’s network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the scheme — a young man who said he was trying to save up money to help fund a new social network. KrebsOnSecurity, November 22, 2021

Cyber Misc

The Internet is Held Together With Spit & Baling Wire: Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s biggest companies — just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the largest Internet backbones. KrebsOnSecurity, November 26, 2021

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge