This week’s highlights includes a BEC – while a common and dangerous attack vector, many don’t fully understand what it is. Also, the 2023 FBI Elder Crime report is out (disturbing) and Phishing numbers are surging with the help of AI (depressing).
Hope all of you have a great Memorial Day and let’s all take time to remember our fallen heroes that sacrificed all so we could have much!
General
- YouTube has become a significant channel for cybercrime – Deepfake videos, malicious links, channel theft, and collaboration scams are just some of the way that criminals are weaponizing YouTube.
- EDR-Killing ‘GhostEngine’ Malware Is Built for Stealth – This malware terminates the end point protections, thus making them vulnerable. This is one example of why we do defense in depth – we want other layers of protections in case one of them fails.
- Best Practices to Reduce Cost of a Cyber Incident for Small to Mid-Sized Businesses – somewhat simplistic, but some good points. Worth a skim – while a real security program will include a lot more, this is good food for thought.
Data Loss
- Interactive Brokers Breached Due to Compromised Employee Email – When a threat actor gains access to an employee’s email account, it is called a Business Email Compromise (BEC). From there, the attacker can steal any information disclosed in emails, send emails to other parties impersonating the victim, and also compromise any other service that allows password resets or verification via email.
- 2.4 Million Impacted by WebTPA Data Breach – Names, contact info, dates of birth, dates of death, insurance information, and Social Security numbers. Organizations such as Allied Pilots Association, Dean Health Plan, Gerber Life Insurance Company, The Hartford Insurance, and Transamerica Life Insurance Company are confirmed to have been affected.
- Santander: breach at a third-party provider impacted customers and employees
Operational Disruption
- EPA Puts Teeth Into Water Sector Cyber Efforts – This continues to get attention and should be taken seriously as “Iran and Russia step up the volume of cyberattacks on water systems nationwide.”
- Personal Information Stolen in City of Wichita Ransomware Attack – Operations still not restored after almost 3 weeks and now we are learning that very sensitive data was stolen as part of the attack.
Social Engineering
- 2023 FBI Elder Fraud Report – Another interesting FBI release that is worth skimming. In 2023, Senior citizens lost over twice as much as any other age group – a total of $3.4B. Some discussed attack methods include Romance scams, Tech Support Scams, Investment Scams, and Government Impersonation.
- Advanced Phishing attacks show 341% Rise – Unfortunately, tools like ChatGPT have made these attacks far more effective, making them far more attractive to cybercriminals. Traditional advice on spotting phishing is not nearly as effective as it was in the past.
Vulnerabilities and Malware
- QNAP Rushes Patch for Code Execution Flaw in NAS Devices – Patch immediately if you have QNAP devices.
- Veeam warns of critical Backup Enterprise Manager auth bug – These are always serious, as backups are commonly attacked as part of ransomware attacks. (To eliminate the option of self-recovery.) Patch available.
- Critical GitHub Enterprise Server Flaw Allows Authentication Bypass – Another Authentication bug that could allow attackers to manipulate code in a variety of bad ways. Recommend moving to the latest version if you are on a version of SHES prior to 3.13.0.
- Google Patches Fourth Chrome Zero-Day in Two Weeks
Phishy Phirewalls – the lighter side of security!
HopeNet (HopeNetCISO.com) reviews a variety of security news sources so you do not have to! The list below represents items relevant to churches, nonprofits, and charities. The headlines and our added comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers that want to explore certain topics deeper.
If this was shared with you and you would like to receive a copy directly to your email, please subscribe at HopeNetCISO.com. Thanks for reading!