I attended the 10th National Cyber Crime Conference put on by the Massachusetts Attorney General’s Office this past week. The virtual conference was organized and facilitated through Whova. I can’t say enough good things about this company and it’s virtual event application. I’ve attended several virtual events during these Covid-19 times and this was by far the best run. The application (both desktop and mobile) made following the agenda and attending sessions a snap.
I listened to several fantastic talks and some not so much. I’ll never understand how someone gets an opportunity to speak at one of the premier conferences in our trade and under-performs. Either by being unprepared or by giving a talk so basic that they might as well be reading from the topic’s Wikipedia page. Push yourself and push your audience. On that note, I wish conference organizers would pre-evaluate and label talks as “Beginner”, “Intermediate” and “Pro” so that I don’t end up in a in another Bitcoin (for Beginners) talk.
I can’t wait until we get back to in-person conferencing. Technology, no matter how efficient, can’t replace face-to-face learning and networking.
A start…finally
Finally, an organization with some actual influence is tackling the epidemic of ransomware. The Ransomware Taskforce of the Institute for Security and Technology released the report “Combating Ransomware”. I have read the report once and will be provided additional thoughts in a separate writing. Initially, I am pleased they addressed the issue of cyber-insurance and the role it plays in perpetuating the crime. And they appear hard-set that not paying the ransom should be the standard and only done when all other options have been exhausted. It’s a start. https://securityandtechnology.org/wp-content/uploads/2021/04/IST-Ransomware-Task-Force_Final_Report.pdf
A job is a job (right?)
Security researchers at Cybernews applied to a “help wanted” ad posted by a ransomware gang and ended up getting an interview. It’s enlightening to see the inter-workings of a crime group. They are actually operating a small business with all the same problems of legitimate small businesses - staffing shortages included. The group was also proud of their business. It’s a reminder that just as we go to work everyday to do our best to fight crime, they go to work everyday to commit crime, and work hard to master their craft. https://cybernews.com/security/how-we-applied-to-work-with-ransomware-gang/
Worldwide Crime Gang
Three men in Brooklyn, NY have been indicted for a money laundering scheme which involved the theft of more than 30 Million Dollars from banks in Eastern Europe. The trio’s European counterparts would steal valuables from safety deposit boxes using sophisticated camera equipment, including borescopes that are typically used in medical procedures, to photograph the insides of locks of safe deposit boxes belonging to other individuals. They would then create duplicate keys, to open the victim safe deposit boxes in order to steal the contents, including currency, gold bars, jewelry and other property. World-Wide Crime! https://www.justice.gov/usao-edny/pr/three-brooklyn-residents-charged-money-laundering-scheme-stealing-over-30-million
You got Covid…
And exposed. A firm used by the Pennsylvania Department of Health to conduct Covid-19 contact tracing admitted to a breach that exposed the personal health history of over 72,000 patients. The lost data included names with phone numbers, emails, genders, ages, sexual orientations and COVID-19 diagnoses and exposure status. The company stressed the data did not include any financial data but is still offering free credit monitoring. Why? https://www.pennlive.com/news/2021/04/contract-tracing-breach-in-pa-impacts-private-info-of-72k-people.html
Holy passwords…
In what is believed to be one of the largest collection of emails and passwords ever has been dumped on the Internet. The cache includes over 2.8 BILLION unique email and password combinations including 625,505 .gov emails which belong to U.S. government employees. If you work for the federal government - your email is probably involved. https://thehackernews.com/2021/04/32-billion-leaked-passwords-contain-15.html
The Rest…
A Centre County (PA) woman is accused of being part of a conspiracy that duped people who thought they had won a lottery out of hundreds of thousands of dollars. https://www.pennlive.com/news/2021/04/centre-county-woman-accused-of-raking-in-more-than-180000-in-fake-lottery-winning-scheme.html
Armorblox details a Chase Bank credential phishing attack. https://www.armorblox.com/blog/blox-tales-chase-credential-phishing-attacks/
Joe Slowik of DomainTools wrote a fantastic article about domain spoofing used in Business Email Compromise Attacks. https://www.domaintools.com/resources/blog/leaping-down-a-rabbit-hole-of-fraud-and-misdirection
A dual Russian-Swedish national was arrested Tuesday at Los Angeles International Airport on criminal charges related to his alleged operation of the longest-running bitcoin money laundering service on the darknet. https://www.justice.gov/opa/pr/individual-arrested-and-charged-operating-notorious-darknet-cryptocurrency-mixer
Tool
https://mara.photos/ - a collection of image tools that covers just about everything you need.
“ONLY SOME PEOPLE GET WHAT THEY WANT. THOSE ARE THE PEOPLE WHO SHOW UP TO GET IT.” - someone smarter than me.
My wife says the newsletter is too long. Thanks for proving her wrong if you’ve read to this point.
Please consider sharing with a colleague. If you just browsed by, please subscribe to have the newsletter delivered to your email each Tuesday.
Matt