This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.

Stan’s Corner

There are several points to be made about election security. Most vitally, our election systems — our votes — are being protected as never before. That’s the message from Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Also critical to an open, honest, and fair election is the rapid response of CISA, the FBI, and the intelligence agencies in identifying attempts by America’s adversaries to influence the election by spreading disinformation and otherwise meddling in our election.

For us, we the people, it’s important to treat everything we see and read as at least somewhat suspect. We are all being targeted with stories that confirm our biases about how bad the other side is.

Be suspicious. Always be suspicious. Rule #3 in our guide How Hackable Are You? The more the story appeals to what we want to believe about the other side, the more important it is that we treat it with suspicion.  This includes being very suspicious about what we donate to. Don’t fall victim to election fundraising scams like the people in the CNN story in Section 2.

Whichever side you’re on, know that the next 10 days are going to be brutal.

• U.S. cybersecurity chief says election systems have ‘never been more secure’: Amid widespread concerns of outside interference influencing the results this year’s presidential election, the head of the country’s cybersecurity agency says election infrastructure is more secure than ever. … State and local election officials across the country have made big improvements to strengthen both physical and cyber security at polling and voting locations to preserve election integrity, said Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency, in an interview with Weekend Edition.

• Foreign threats to the US election are on the rise, and officials are moving faster to expose them: A presidential candidate’s phone is hacked. A fake video falsely shows ballots burned in Pennsylvania. National security officials warn that U.S. adversaries may incite violent protests after Election Day. … These developments — all revealed in the past week — show how Russia, China and Iran have increased the pace of efforts to meddle in American politics ahead of next month’s election, just as intelligence officials and security analysts had predicted. … At the same time, officials, tech companies and private researchers have adopted a more aggressive defense by swiftly exposing foreign election threats, highlighting the lessons learned from past election cycles that revealed America’s vulnerability to disinformation and cyberespionage.

• US intelligence says Russia is behind video of ballots being destroyed in Pennsylvania: U.S. intelligence officials have confirmed that a viral video spreading online showing mail-in ballots being destroyed in the key battleground suburb of Bucks County, Pennsylvania, is a hoax perpetrated by Russia as part of its covert effort to help elect former President Donald Trump.

• FBI, CISA investigating China-linked telecom hacks following reports of intrusions on Trump, Harris phones: U.S. agencies are investigating allegations that hackers connected to the government of China breached the systems of multiple telecommunications companies following reports that devices belonging to Vice President Kamala Harris’ campaign, former President Donald Trump and vice presidential candidate JD Vance were targeted in a broad campaign. 

From SecureTheVillage

• Upcoming Events

  • 9th Annual Official Los Angeles Cybersecurity Summit, Fairmont Century Summit, November 21.

  • A Reasonable Approach to Reasonable Security. January 30, 2025.  SecureTheVillage’s 5th Annual Reasonable Security Summit. Mark your calendars for this all-day hybrid event!!!

• Smaller business? Nonprofit? Take your security to the next level. Apply Now! If you’re a small business or nonprofit in the greater Los Angeles area, apply NOW for LA Cybersecure ™.  Protect your organization with our innovative team-based learn-by-doing program with coaching and guidance that costs less than two cups of coffee a week.

• IT Service Provider / MSP? Grow revenues. Take your client’s security to the next level. Apply Now!  If you’re an IT service provider in the greater Los Angeles area, apply NOW for LA Cybersecure ™. With our innovative team-based learn-by-doing program, you’ll have both that “seat at the table” and the assurance that you’re providing your clients with the reasonable IT security management they need. … The LA Cybersecure ™ Program is funded in part by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.

• SecureTheVillage FREE Newsletters. Sign up or share with a friend!

  • Cybersecurity News of the Week & Weekend Patch Report. Our award winning newsletter. Essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned.

  • Family Protection Newsletter: Our monthly newsletter for non-cyber experts. For your parents, friends, and those who need to protect themselves in a digital world.

• How Hackable Are You? Think your defenses are strong. Find out as SecureTheVillage tests you on five basic controls and download our free updated 13-step guide.

• Please Support SecureTheVillage: We need your help if we’re to build a world of CyberGuardians TM. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village.TM. 

Cybersecurity Nonprofit of the Week … Sightline Security

Our kudos this week to Sightline Security, a nonprofit that helps nonprofits secure and protect their critical information. Sightline’s mission is to equip, empower, and support nonprofits to navigate and embed cybersecurity into their organizations with confidence. Kudos to Sightline Security for their cyber support to the vital under-served nonprofit community. Sightline Security played a major role in the development of LA Cybersecure ™. Like SecureTheVillage, Sightline Security is a fellow-member of Nonprofit Cyber.

Cyber Humor

Section 2: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware. 

Here’s an excellent piece on staying safe from scams. Stay suspicious. And a sad piece about seniors with dementia being victimized in election scams. … I omitted the Party and Candidate names in the piece below. … The story isn’t about this Party or that Party. It’s about the pain and devastation felt by those who have lost everything through deceit.

• October is Cybersecurity Awareness Month. Here’s how to stay safe from scams: October is Cybersecurity Awareness Month, which means it’s the perfect time to learn how to protect yourself from scams. … “Scams have become so sophisticated now. Phishing emails, texts, spoofing caller ID, all of this technology gives scammers that edge,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. … As scammers find new ways to steal money and personal information, consumers should be more vigilant about who they trust, especially online. A quick way to remember what to do when you think you’re getting scammed is to think about the three S’s, said Alissa Abdullah, also known as Dr. Jay, Mastercard’s deputy chief security officer. “Stay suspicious, stop for a second (and think about it) and stay protected,” she said. Whether it’s romance scams or job scams, impersonators are looking for ways to trick you into giving them money or sharing your personal information.

• How elderly dementia patients are unwittingly fueling political campaigns: A CNN investigation reveals how deceptive political fundraising has misled elderly Americans into giving away millions of dollars. … The 80-year-old communications engineer from Texas had saved for decades, driving around in an old car and buying clothes from thrift stores so he’d have enough money to enjoy his retirement years. … But as dementia robbed him of his reasoning abilities, he began making online political donations over and over again — eventually telling his son he believed he was part of a network of political operatives communicating with key <Party> leaders. In less than two years, the man became one of the country’s largest grassroots supporters of the <Party> Party, ultimately giving away nearly half a million dollars to <Presidential Candidate> and other candidates. Now, the savings account he spent his whole life building is practically empty.

Section 3: Cybersecurity and Privacy News for the Cyber-Concerned.

In a positive story, the Treasury Department reports how AI helps them uncover fraud.

• AI helped the feds catch $4 billion of fraud in one year. And it’s just getting started: The federal government’s bet on using artificial intelligence to fight financial crime appears to be paying off. … Machine learning AI helped the US Treasury Department to sift through massive amounts of data and recover $1 billion worth of check fraud in fiscal 2024 alone. That’s nearly triple what the Treasury recovered in the prior fiscal year. … “It’s really been transformative,” Renata Miskell, a top Treasury official, told CNN in a phone interview. … The Treasury Department credited AI with helping officials prevent and recover more than $4 billion worth of fraud overall in fiscal 2024, a six-fold spike from the year before.

In legal action this week, the SEC and Ireland’s Privacy Regulator both had fruitful weeks. And Delta has filed its lawsuit against Crowdstrike for the disruption that allegedly cost the company half a billion dollars.

• SEC charges tech companies for downplaying SolarWinds breaches: The SEC has charged four companies—Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack. … “The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions,” announces the SEC in a Tuesday press release. … “The SEC also charged Unisys with disclosure controls and procedures violations.” … These companies agreed to pay civil penalties to settle the SEC’s charges. Unisys will pay $4 million, Avaya will pay $1 million, Check Point will pay a $995,000 civil penalty, and Mimecast will pay a $990,000 penalty.

• LinkedIn hit with $335 million fine for using member data for ad targeting without consent: Ireland’s top privacy regulator on Thursday fined social media platform LinkedIn €310 million ($335 million) for allegedly using its members’ data for advertising purposes without obtaining their consent. … The Microsoft-owned company violated the European Union’s General Data Protection Regulation (GDPR) when it processed users’ data for behavioral analysis and targeted advertising, Ireland’s Data Protection Commission (DPC) said in its announcement. By unfairly processing the data without transparency or consent LinkedIn broke the law, it added.  … The hefty fine is one of the largest ever levied against a tech company for violating the GDPR.

• Delta Sues CrowdStrike Over July Operations Meltdown: Airline alleges gross negligence by cybersecurity firm; CrowdStrike says Delta is attempting to shift blame for outdated systems. … Delta Air Lines sued CrowdStrike over the July global technology outage that grounded thousands of flights and preceded a dayslong debacle for the air carrier. … The lawsuit accused CrowdStrike of gross negligence, alleging that the cybersecurity company is to blame for not only the outage but the rolling disaster that followed for the airline. In the lawsuit filed Friday in a Georgia state court, Delta called the IT breakdown “catastrophic,” citing $500 million in out-of-pocket losses and losses to future revenue. 

In recognition of Halloween, the following story wraps cybercrime into the metaphor of ghosts and goblins. Some fascinating statistics make me think I’d be safer spending Halloween at Stephen King’s Overlook Hotel than on the Internet.

• These cybercrime facts show why cybercriminals are more terrifying than the monsters and ghouls roaming the street on Halloween: Cybercriminals love to give new meaning to the phrase “trick or treat.” … Through cyber attacks, phishing, ransomware, and data breaches, bad guys love causing mayhem for businesses and consumers. But their actions aren’t chalked up to the pranks one would expect on All Hallows’ Eve. Their impacts are far more costly and devastating to victims. … Ransomware Netted Threat Actors More Than $1.1B in Ill-Gotten Gains. 51% of Organizations Lost $5-$25 million to AI-related Threats. True Cost of Fraud to Older Adults to Top $5 billion. … Here’s 10 more 13 cybercrime facts that will make your hair stand on end.

This week in cybercrime:

• Landmark, an administrator for insurance firms, says 800,000 affected by data breach: One of the biggest third-party administrators for several large insurance firms said a cyberattack in May exposed the sensitive information of more than 800,000 people. … Landmark Admin told regulators in Maine that names, Social Security numbers and tax identification numbers were accessed by the hackers. … For an unknown subset of people, the breach also exposed driver’s license numbers, passport numbers, bank account information, routing numbers and medical information was also leaked. Health insurance policy information and life and annuity policy information. … The Texas-based company works as a third-party administrator for insurance carriers like Liberty Bankers Insurance Group (LBIG), which includes American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit LifeInsurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company, and Capitol Life Insurance Company. 

• UnitedHealth says data of 100 million stolen in Change Healthcare breach: UnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years.

• RansomHub gang allegedly behind attack on Mexican airport operator: A hacking group recently spotlighted by U.S. agencies said it is responsible for an attack targeting an operator of 13 airports across Mexico. … Grupo Aeroportuario del Centro Norte announced last Friday that a cyber incident forced its IT team to turn to backup systems in an effort to continue running the airports it controls across central and northern Mexico. Known colloquially as OMA, the company runs airports in Monterrey and other major Mexican cities, handling more than 19 million passengers so far this year.  … On Thursday, the RansomHub operation claimed to be responsible for the incident, and threatened to leak 3 terabytes of stolen data if an undisclosed ransom is not paid. U.S. agencies warned of the group’s attacks in August, saying it was responsible for more than 210 incidents since emerging in February. 

Section 4: Managing cybersecurity in the organization

Two stories on how — in the face of increasingly damaging cyber disruption — the CISO role is becoming increasingly strategic.

• CISO Role Gains Influence: 20% Report Directly to CEOs: Deloitte Global’s Future of Cyber survey reveals how organisations are adapting to a changing threat landscape by enhancing the role of the CISO. The Global Future of Cyber Survey which is currently in its fourth edition has shown the progression of the cybersecurity role in the C-suite. …  A director general of a government cyber and IT security agency said: “The big shift for us is by bringing in the security discussion before, not after, building the solution. … “We really want to move into ‘security by design’ as opposed to what often happens – ‘security by assessment’ – which requires security to be more of a strategic part of the overall business.”

• CISOs as Organizational Bridge Builders for Cybersecurity Culture: As of 2023, 100% of Fortune 500 companies had a CISO role or its equivalent. This figure was only 70% in 2018. It marks the unmistakable trend in the business world that CISOs are emerging as vital organizational bridge builders tasked with connecting the often-siloed worlds of security and business to foster a robust cybersecurity culture that permeates all levels of the organization. … However, this does not come without its own challenges. CISOs often encounter resistance from business leaders who may prioritize short-term gains over long-term security investments and grapple with the complexities of aligning security measures with business agility. … In this article, we explore the evolving role of the CISO and examine the key strategies and challenges involved in fostering a robust cybersecurity culture.

As if to emphasize the importance of the strategic cultural shift, the next story demonstrates once again that we are not doing a good enough job helping our users defend themselves against attack. And let’s warn users to be careful about the social engineering attacks on Teams.

• Human error is cybersecurity’s number one concern, Kaseya report finds: User behavior is the biggest cybersecurity challenge facing IT organizations today, new research from Kaseya has found, as threat actors and defenders alike increasingly adopt AI. … The 2024 Kaseya Security Survey quizzed IT professionals across North America, the UK and EU, as well as APAC and New Zealand, working for companies with annual revenue of between $1 million and $10 million, and between 101-500 employees. … It found that a resounding 89% of participants stated bad user behavior or lack of training as their main cybersecurity hurdle in 2024. User-related security issues – such as poor user practices and gullibility – was the largest concern (45%), while lack of end-user security training (44%) followed close behind.

• Black Basta ransomware poses as IT support on Microsoft Teams to breach networks: The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack.

Weekend Patch Report, October 27, 2024

Keeping your computer programs patched and updated is one of the Top-5 things you can do to protect your security and privacy. This is because cyber criminals will take control of your computer by running programs that “exploit” security vulnerabilities in the programs you use. When software companies find a vulnerability, they usually issue an update to patch and fix it. It then becomes your responsibility to update the program that’s been patched. While there are tools that support this, such as Norton 360 on Windows and Ninite, it’s important that you make certain you are running the latest versions. This is your responsibility.

Important Security Updates

UPDATE Button on Computer Keyboard

The following lists current versions of common software programs. Items in Bold have been updated in the past week. If you use these programs, you should ensure they are updated. Updates are usually available from within the program. If not, updates can be downloaded from the company’s website.

7-Zip 24.08.

Adobe Acrobat Reader  2024.003.20180

AVG 24.10.3353.

Apple iOS 18.0.1

Apple iPadOS  18.0.1

Apple macOS Sequoia 15.0.1

Apple tvOS 18

Apple watchOS  11.0.1

Apple visionOS  2.0.1

Apple Safari 18.0.1

Apple macOS Sonoma 14.7

Apple macOS Ventura 13.7

CCleaner 6.29.11342.

Chrome updated to 130.0.6723.70.

Discord updated to 1.0.9168.

Dropbox 210.4.4854.

Edge updated to 130.0.2849.56.

ExpressVPN updated to 12.90.0

Firefox 131.0.3.

Foxit Reader 2024.3.0.26795.

Google Drive for Desktop 98.0.0.0.

iTunes updated to 12.13.4.4.

KeePass 2.57.1.

Malwarebytes updated to 5.2.0.140.

Microsoft 365 & Office

Microsoft Windows

Notepad++  8.7.

Opera Chromium updated to 114.0.5282.115.

Safari 17.6

Skype updated to 8.131.0.202.

Spotify updated to 1.2.49.439.

TeamViewer 15 15.58.5.

Thunderbird 115.15.0.

Zoom updated to 6.2.5.48876.

********************

If you are responsible for the security of your computer, our Weekend Patch Report is for you. We strongly urge you to take action to keep your system(s) patched and updated.

If someone else is responsible for the security of your computer, forward our Weekend Patch Report to them and follow up to make sure your computer has been patched and updated.

Vulnerability management is a key element of information security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Chrome & Firefox, Office, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer’s computers.

SecureTheVillage publishes our Weekend Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates.

Copyright © 2024 SecureTheVillage. All rights reserved.