Cybersecurity News of the Week, October 20, 2024

This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.

Stan’s Corner

Microsoft published their 5th annual Digital Defense Report this week. Cybercrime continues to escalate. Everyone and everything is at risk, from our government to our businesses to our families. As the report points out, meeting this challenge requires a commitment to cyber defense from the individual user to the corporate executive and government leaders.

Since our founding 9 years ago yesterday, SecureTheVillage has been committed to helping our community’s smaller businesses, our nonprofits, and our families and individuals meet this challenge. Happy 9th anniversary, SecureTheVillage.

We’re in this together.

  • Escalating Cyber Threats Demand Stronger Global Defense and Cooperation: Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks. Once again, nation-state affiliated threat actors demonstrated that cyber operations—whether for espionage, destruction, or influence—play a persistent supporting role in broader geopolitical conflicts. Also fueling the escalation in cyberattacks, we are seeing increasing evidence of the collusion of cybercrime gangs with nation-state groups sharing tools and techniques. … We must find a way to stem the tide of this malicious cyber activity. That includes continuing to harden our digital domains to protect our networks, data, and people at all levels. However, this challenge will not be accomplished solely by executing a checklist of cyber hygiene measures but only through a focus on and commitment to the foundations of cyber defense from the individual user to the corporate executive and to government leaders. … These are some of the insights from the fifth annual Microsoft Digital Defense Report, which covers trends between July 2023 and June 2024. 

From SecureTheVillage

  • Upcoming Events
    • Join Stan at CyberWyoming: Wyoming Virtual Cybersecurity Conference, October 23. Learn about how we’re helping IT service professionals and MSPs change the narrative to deliver improved cybersecurity and increase revenue.
    • 9th Annual Official Los Angeles Cybersecurity Summit, Fairmont Century Summit, November 21.
    • A Reasonable Approach to Reasonable Security. January 2025.  SecureTheVillage’s 5th Annual Reasonable Security Summit.
  • Smaller business? Nonprofit? Take your security to the next level. Apply Now! If you’re a small business or nonprofit in the greater Los Angeles area, apply NOW for LA Cybersecure™. Protect your organization with our innovative team-based learn-by-doing program with coaching and guidance that costs less than two cups of coffee a week.
  • IT Service Provider / MSP? Grow revenues. Take your client’s security to the next level. Apply Now!  If you’re an IT service provider in the greater Los Angeles area, apply NOW for LA Cybersecure™. With our innovative team-based learn-by-doing program, you’ll have both that “seat at the table” and the peace of mind that you’re providing your clients with the reasonable IT security management they need. … The LA Cybersecure™ Program is funded in part by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.
  • SecureTheVillage FREE Newsletters. Sign up or share with a friend!
    • Cybersecurity News of the Week & Weekend Patch Report. Our award winning newsletter. Essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned.
    • Family Protection Newsletter: Our monthly newsletter for non-cyber experts. For your parents, friends, and those who need to protect themselves in a digital world.
  • How Hackable Are You? Think your defenses are strong? Find out as SecureTheVillage tests you on five basic controls and download our free updated 13-step guide.
  • Please Support SecureTheVillage: We need your help if we’re to build a world of CyberGuardians™. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village.™

Cybersecurity Nonprofit of the Week … The Anti-Phishing Working Group (APWG)

Kudos this week to the Anti-Phishing Working Group (APWG). APWG unifies the global response to common cybercrimes and related infrastructure abuse through technical diplomacy; curation of a real-time clearinghouse of internet event data; development of applied research; and deployment and maintenance of global cybersecurity awareness campaigns. All of us can help APWG help us by forwarding malicious-appearing phishing messages to reportphishing@apwg.org. Like SecureTheVillage, APWG is a fellow member of Nonprofit Cyber.

Section 2: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware. 

Let’s remind the people we love to be careful on the Internet. Rule #3: Always be suspicious. Not just during Cybersecurity Awareness Month.

  • How ‘pig butchering’ romance scams siphon millions from Californians every year: ‘It’s heartbreaking to hear the stories and to talk to the victims,’ says an official with a state agency trying to combat the sophisticated con. … It took two months of near daily conversations, of first cultivating trust and then love, before he walked into her trap. … Two months of phone calls, text messages and video chats. Two months of sharing their life stories and their dreams about the future before he took the bait — an investment opportunity pitched by this woman he had never met.

As teen sextortion continues to climb, parents, please talk to your children. Keep them safe. Not just during Cybersecurity Awareness Month.

  • Instagram addresses ‘sextortion’ as teen safety troubles increase: Scammers are targeting teens by obtaining their intimate photos. … Instagram says it’s rolling out a suite of new settings to fight “sextortion,” a type of blackmail that uses sexual images or conversations to pressure victims into paying money. … Meta’s global head of safety, Antigone Davis, said in an interview that sextortion is a growing problem on Instagram. Scammers befriend a victim, often claiming to live in the same country and be the same age, then ask for explicit photos. Scammers threaten victims with exposing the pictures and ask for money to keep them private.

It’s getting close to the holiday season. Time for another reminder to be careful out there. Not just during Cybersecurity Awareness Month.

Section 3: Cybersecurity and Privacy News for the Cyber-Concerned.

Two stories on the growing cyber-threat from China.

  • Meet the Chinese ‘Typhoon’ hackers preparing for war: Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which top U.S. officials have described as an “epoch-defining threat.” … In recent months, U.S. intelligence officials said Chinese government-backed hackers have been burrowing deep into the networks of U.S. critical infrastructure, including water, energy, and transportation providers. The goal, officials say, is to lay the groundwork for potentially destructive cyberattacks in the event of a future conflict between China and the U.S., such as over a possible Chinese invasion of Taiwan. … “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” FBI Director Christopher Wray told lawmakers earlier this year.
  • Scale of Chinese Spying Overwhelms Western Governments: Beijing is conducting espionage activities on what Western governments say is an unprecedented scale, mobilizing security agencies, private companies and Chinese civilians in its quest to undermine rival states and bolster the country’s economy. … Rarely does a week go by without a warning from a Western intelligence agency about the threat that China presents. … Last month alone, the Federal Bureau of Investigation said a Chinese state-linked firm hacked 260,000 internet-connected devices, including cameras and routers, in the U.S., Britain, France, Romania and elsewhere. A Congressional probe said Chinese cargo cranes used at U.S. seaports had embedded technology that could allow Beijing to secretly control them. The U.S. government alleged that a former top aide to New York Gov. Kathy Hochul was a Chinese agent. … U.S. officials last week launched an effort to understand the consequences of the latest Chinese hack, which compromised systems the federal government uses for court-authorized network wiretapping requests.

Kudos to law enforcement on some important takedowns this week.

  • U.S. Indicts 2 Linked to Oct. 7 Cyberattack on Israeli Warning System: The Justice Department has accused two Sudanese brothers of cyberattacks on U.S. infrastructure as well as preventing possibly lifesaving alerts from reaching Israelis as the Hamas attack unfolded. … It was early morning on Oct. 7, 2023, and Hamas fighters had just breached the Israeli border, when Ahmed Omer, a young Sudanese man with an aptitude for computers, launched a different kind of attack. … Sitting at a computer, he mounted a long-distance cyberassault on the online early warning systems used in Israel to alert citizens to danger. The systems were briefly disabled, preventing potentially lifesaving warnings from reaching Israelis about Hamas’s deadly assault, in which about 1,200 people were killed and more than 200 abducted. … That was the case made against Mr. Omer and his brother, Alaa Omer, in a criminal indictment unsealed in California this week. … The brothers are accused of running a group called Anonymous Sudan, which for the year it existed launched as many as 35,000 cyberassaults known as distributed denial of service, or DDoS, attacks. The attacks disrupted websites belonging to government agencies, including the F.B.I. and Justice Department, and to news agencies, such as The Washington Post and CNN, according to the indictment.
  • Hacker allegedly behind attacks on FBI, Airbus, National Public Data arrested in Brazil: Federal law enforcement in Brazil arrested a hacker allegedly behind several brazen, high-profile cyberattacks.
  • Feds arrest man who allegedly participated in hack of the SEC’s X account, boosting Bitcoin’s price by $1,000: Federal authorities announced Thursday the arrest of a man in Alabama, accusing him of participating in the hack of the U.S. Securities and Exchange Commission’s X account earlier this year.
  • Sweden, Finland partner to take down Sipulitie criminal marketplace: An online haven for the sale of narcotics and other criminal goods in Scandinavia was shut down and had its servers seized by law enforcement agencies in Sweden and Finland. … Launched in February 2023 on the Tor network, the Sipulitie marketplace originally focused on Finland before expanding to cover other Scandinavian countries.

Cybercriminals hack organizations with cyber-insurance because they know there will be a payday. The government wants to do something about that.

  • The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks: With ransomware attacks surging and 2024 on track to be one of the worst years on record, U.S. officials are seeking ways to counter the threat, in some cases urging a new approach to ransom payments. … Ann Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, wrote in a recent Financial Times opinion piece that insurance policies — especially those covering ransomware payment reimbursements — are fueling the very same criminal ecosystems they seek to mitigate. “This is a troubling practice that must end,” she wrote, advocating for stricter cybersecurity requirements as a condition for coverage to discourage ransom payments.

Marriott settles breach claims with FTC and states.

  • Marriott to Improve Data-Security Practices, Pay $52 Million in U.S. Settlements: Case is related to data breaches that affected hundreds of millions of customers. … Marriott agreed to pay a penalty and implement enhanced data-security practices as part of separate settlements with the Federal Trade Commission and U.S. states related to data breaches that affected hundreds of millions of customers. … In its settlement with the FTC, the Bethesda, Md., company said it would provide U.S. customers with a way to request that personal information associated with their email address or loyalty rewards account number is deleted. … Marriott said it would offer an online portal for hotel members to report potentially suspicious loyalty-account activity and implement a multi-factor authentication option for company accounts. The settlement also requires the company to review loyalty rewards accounts upon customer request and restore stolen loyalty points.

This week in cybercrime.

  • Alleged Cisco data breach could affect Microsoft, Barclays, and SAP developer data: A BreachForums post made by IntelBroker claims source code was taken from these Cisco customers in the breach. … Notorious hacker “IntelBroker” is offering to sell a large amount of sensitive data from Cisco allegedly stolen from a June 2024 breach along with two fellow hackers the threat actor called “EnergyWeaponUser” and “zjj.” … Cisco is reportedly investigating the breach claims after IntelBroker posted a sample of stolen data on BreachForums. … “Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files. We have launched an investigation to assess this claim, and our investigation is ongoing,” a Cisco spokesperson said. … The breach allegedly affected a huge amount of developer data for a number of Cisco customers including big names such as Microsoft, Barclays, SAP, T-Mobile, AT&T, and Verizon.
  • Casio says ‘no prospect of recovery yet’ after ransomware attack: Japanese electronics giant Casio has confirmed that many of its systems remain unusable almost two weeks after it was hit by a ransomware attack. … Casio spokesperson Ayuko Hara told TechCrunch on Thursday that the company sees “no prospect of recovery yet” as it struggles to bounce back from the cyberattack. 
  • Boston Children’s Health Physicians confirms September data breach: A prominent organization that helps connect people with doctors in New York and Connecticut warned patients that a breach in September exposed troves of sensitive information. … Boston Children’s Health Physicians — which helps pair children with more than 300 doctors through 60 regional offices as part of the Boston Children’s Hospital network of care — said in a notice that it first was notified of unusual activity on its systems on September 6.
  • Hackers are extorting Globe Life with stolen customer data: Insurance giant Globe Life, which provides life and health insurance policies to millions of Americans, says it is being extorted by a hacker that has stolen customers’ sensitive data. … In a regulatory filing with the U.S. Securities and Exchange Commission on Thursday, the Texas-based conglomerate said it has “recently received communications” from an unknown threat actor who is seeking to extort money from the company in exchange for not disclosing data stolen from its systems. 

Section 4: For MSPs and IT Service Providers.

  • The Cybersecurity Burnout Crisis Is Reaching The Breaking Point: The role of cybersecurity leaders has never been more vital—or more stressful. A new study from BlackFog reveals that nearly a quarter of CISOs and IT Security Decision Makers are actively considering leaving their roles, with 93% citing overwhelming stress as the key driver. As organizations face mounting pressure from increasingly sophisticated cyberthreats, including AI-powered attacks, ransomware, and data exfiltration, CISOs are working longer hours with fewer resources. This growing cybersecurity burnout crisis has a direct impact on organizations, and highlights the urgent need for businesses to better support their security teams.

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.