In the past few weeks, I’ve sought out various document and form templates such as spreadsheets, surveys and resumes. I’ve even found a few I liked enough to download. Security company eSentire published an excellent piece which explains why that probably wasn’t such a good idea. The company has discovered over 100,000 unique web pages containing popular business terms such as template, invoice, receipt, questionnaire, and resume. The pages are being created and hosted by a cyber threat group that has loaded the downloadable documents with a RAT (remote access trojan).
eSentire does a thorough job documenting the attack, and it is worth a few minutes of your time. And I bet you think twice before you download another resume template for Google Docs.
https://www.esentire.com/security-advisories/hackers-flood-the-web-with-100-000-malicious-pages-promising-professionals-free-business-forms-but-are-delivering-malware-reports-esentire
No honor among thieves
Not something I read but… Security researcher Colin Hardy purchased a phish kit from a darkweb vendor and got scammed. The code was full of bugs and significantly outdated. The only person getting scammed by this phishing page was the person who paid for it. He made a detailed video documenting the experience.
Small business, big targets
Although a sales pitch, this article is accurate in scope and scale. Small businesses are prime targets for cybercrime actors since they are less likely to have the means to protect themselves. The article highlights a stat from Keeper Security that I often use, “66% of small business decision makers believe their organization is unlikely to be targeted by criminals”. 66% of small business leaders need to be fired. https://hacked.com/small-businesses-get-hacked/
He went ‘Ol Skool
The U.S. Attorney’s Office for the Middle District of Pennsylvania announced the sentencing of a Dunmore, PA man for a bank fraud scheme that saw him write over $400,000 in bad checks. Yes, paper checks. It’s kinda refreshing in a strange way. https://www.justice.gov/usao-mdpa/pr/dunmore-man-sentenced-16-months-imprisonment-bank-fraud
It’s only training if they listen…
TalentLMS and Kenna Security produced a survey that revealed that, regardless of the training effort, people still don’t know about cybersecurity. One statistic from the survey showed “69% of respondents have received cybersecurity training from their employers, and yet, when we asked them to take a basic quiz, 61% failed”. Or maybe they just don’t care? The report details “out of all the respondents who answered all seven questions wrong, 80% reported having received training.” https://www.talentlms.com/blog/cybersecurity-statistics-survey/#How_much_do_employees_actually_know_about_cybersecurity
The Rest…
Not even library users are safe as the Chattanooga (TN) Public Library reveals they mistakenly exposed the private data of 5000 library patrons. https://www.wrcbtv.com/story/43681317/data-breach-of-thousands-of-chattanooga-library-card-owners-revealed
Just up the road from me - Duncannon Borough (PA), population 1500, is recovering from a ransomware attack that locked the borough administration’s computer network. It seems the attack was launched through their IT vendor who they were paying for IT and security services. Oops. Obviously, the vendor is paying up. https://www.pennlive.com/perry-county-times/2021/04/duncannon-recoups-money-lost-in-last-years-cyber-attack.html
Forbes details the need for those on corporate boards to have a better understanding of cyber. https://news.bloomberglaw.com/privacy-and-data-security/rippling-cyberattacks-force-corporate-boards-to-rethink-risk
The FCC is finally addressing the robocall pestilence. https://www.fcc.gov/document/fcc-announces-push-robocall-blocking-consumer-resources
And some retro-tech for those of us who wrote our college papers on Brother word processors (yeah, the ones with the little screen where you preview one sentence at a time). Freewrite - very cool but I don’t know if it’s $549 cool.
Tools
Tabfloater creates a Picture-in-Picture for your web browser. Supercool - BUT - you have to install a small script on your local machine. I tried it on a VM and it works pretty slick. You’ll have to make your own decision if the functionality is worth installing the extension companion. The tool is open source, allowing code inspection. https://github.com/tabfloater/tabfloater
https://tools.epieos.com/email.php - email research tool. Meh. But maybe useful in some situations.
Cool Job
NASA - Assistant Inspector General for Investigations. “The Office of Investigations (OI) investigates allegations of crime, cyber-crime, fraud, waste, abuse, and misconduct having impact on NASA programs, projects, operations, and resources.” Only downside of this job is it’s in D.C.
“To be ignorant of one’s ignorance is the malady of the ignorant.” - someone smarter than me.
Thank you for your time and attention. Please consider sharing this newsletter with a friend or colleague. Or maybe an enemy.
Matt
extra-geeky-pure-cyber bonus - Palo Alto’s Unit 42 published a fantastic threat assessment report of the Clop Ransomware. https://unit42.paloaltonetworks.com/clop-ransomware/