It is Tuesday. You’re not a day off and I’m not a day late getting the newsletter out. It’s by design. While I continue to gain subscribers, they don’t always open the delivered email message. Maybe the first day back in the office after the weekend is just too hectic to take the time to read a semi-pertinent newsletter? So I’m publishing on Tuesday to see if I get a better open rate.
As of today, password manager LastPass only allows one device on the free tier. I’ve been a somewhat satisfied LastPass user for the past three years. I’ve been considering a move to Bitwarden since it is an open-source product, but have been too lazy to make the switch. I guess the time is now since I need to sync four devices. I’ll report back on the transition.
Pandemic is a boon
The Covid-19 pandemic has proven to be a boon not only for work-from-home communication providers, drug companies, and pizza delivery restaurants, but also for criminals. Proofpoint explains how cyber-criminals are using pandemic-themed social engineering attacks to exploit the crisis.
ID.me, the security contractor that provides identity confirmation services to 19 states, predicts that 30% of all Pandemic Unemployment Assistance (PUA) claims are fraudulent. This has resulted in 200 BILLION dollars in losses due to fraud.
"Organized crime rings in Russia, China, Nigeria, and Ghana, and prisoners and petty thieves have made it their job to exploit the pandemic and creatively work to steal funds from state agencies, including PUA funds from the federal government," - Blake Hall, CEO of ID.me
Sour Apple
I have written and spoken about the danger of insider threats and the need to devote attention to your employees just as much as your adversaries. Apple knows this as well but still got bit. Apple filed a lawsuit on Thursday against a former employee, accusing him of leaking trade secrets to an unnamed media contact during his employment. The suit alleges the employee was trading Apple secrets for favorable media coverage of a start-up where he was a financial investor.
More Accellion fallout
Michigan-based Flagstar Bank announced they were compromised through their partnership with software provider Accellion. This continues to illustrate the risks a company faces through its vendors and partners. The Accellion hack led to the compromise of dozens of business partners including Kroger, Qualys, and the state of Washington. Additional story from ZDNet.
You’re being watched - by everyone
A group of “hackers” exploited the network of security camera and software manufacturer Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools. Tesla and Cloudflare are among the businesses whose cameras were accessible. The hackers say they also have the full video archive of all Verkada customers.
I went to the Verkada website just to see what services they offer and found this nugget, “Security was top of mind when designing Verkada. That’s why we redesigned video security infrastructure, and built a system that’s secure from the ground up”. They claim their system is “secure by default”. I guess not.
Covid-19 fraud guidance
The Federal Trade Commission released guidance for victims who have found themselves responsible for Small Business Administration (SBA) loans they never received or even applied for. SBA Economic Injury Disaster Loan (EIDL) fraud has been rampant with thieves taking advantage of the weak controls and confusion. The page is a great resource where victims can go for answers and assistance.
The Rest…
Phishing campaign targets Coinbase users in an effort to access cryptowallets.
And without missing a beat…a new ransomware variant targets exposed Microsoft Exchange servers. Fortinet provides some threat intelligence and mitigation options while Malwarebytes describes “DearCry”.
DomainTools security researchers provide a rundown of how they investigated an attempt to utilize a domain created to look like a log-in URL for Tesco Bank. Shortly after the domain was registered, the bad guys had created a web page that was a complete copy of the actual Tesco Bank log-in page.
A webinar worth watching: Cybereason - The State of Ransomware. Tuesday March 23, 2021 at 1pm EST. Register.
I don’t fully understand how this fraud works but someone is making heaps of money promoting fake cryptocurrency giveaways on Twitter.
Cool Tool
Tab Resize - Split Screen Layouts. This is a browser extension that allows you to split your screen vertically, horizontally, and four-square. It works on Chrome or the Brave browser (which I suggest). I have found it invaluable for doing web-based investigations where I need to have multiple views open at the same time.
“THE MOST DIFFICULT THING IS THE DECISION TO ACT. THE REST IS MERELY TENACITY” - Someone smarter than me.
You made it to the end! There is intense competition for your attention and I truly appreciate the few minutes you give to this newsletter.
Matt