My free reading time was severely limited this week due a service pack pushed to my computer by Microsoft. The update crashed the machine and rendered it utterly useless. I undertook a complete operating system changeover, transitioning my main computer to a Linux machine running the Pop!_OS distribution. You can read the details in the article; All in on Pop!_OS posted on my write.as blog.
In an article that strikes close to home, ransomware struck the county offices of Clearfield County, Pennsylvania. County Commissioner David Glass explained, “It got all of our servers and it got about 15% of our work stations, the laptops and desktops that people use,” . He claims “we’re going to train our employees”. If anyone from Clearfield County reads this… call me. I’ll do it for free.
New security notification rules for banks
The Treasury Department and Federal Deposit Insurance Corporation (FDIC) proposed new rules that would require supervised financial institutions to report computer system compromises within 36 hours, dwell time notwithstanding. Final approval for the rules are pending a 90 day comment period.
Digital Guardian - New Rules for Banks
JDSUPRA - Financial Regulatory Agencies Announce Proposed Rules for Banks
Imagine if Wal-Mart closed…
The same impact will be felt when (if) the Joker’s Stash carding marketplace closes. The “Joker” issued a notice that he would be closing the site in 30 days. The site is by far the most popular and prolific carding market in operation…clear or dark web. There were several quality writings published this week concerning the announcement:
Flashpoint Research - A Blow to cybercriminals worldwide
Intel 471 - Last Dash for Joker Stash
Is your phone allowing you to be tracked?
Of course it is. Google and Apple know everything about you. But what about your ex? Or your boss? We often get females reporting they are being stalked and claim someone has installed “stalkerware” on their cell phone. I haven’t found a phone with it installed yet. They are being stalked, but the suspect always knows where they are because of something other than the cellphone malware. In the most recent case it was because they were sharing locations through Google accounts-which they set up when they were in love but she didn’t disconnect after the break-up.
Anyways… here is an interesting, albeit technical, blog on how to search your phone for stalkerware.
Phishers are smart
ZScaler’s ThreatlabZ published a rather technical blog post detailing some obfuscation techniques they are observing. The post demonstrates how the techniques are being used in four current phishing campaigns. They provide a significant of domains being used and it’s interesting to see what domain names the bad guys are using.
The Rest…
In a sophomoric guest blog post, ESET Security reminds you about the indicators of a phishing attack.
Checkpoint Software claims attacks on healthcare organizations have increased 45% since November 2020. Ahh, that was only two months ago.
AtlasVPN claims that Google identified a record 2 million phishing sites in 2020.
A federal lawsuit was filed against Bank of America in the U.S. District of Northern California for it’s part in a massive Employment Development Department (EDD) fraud. The complainants claim the loss is in the “billions of dollars” and charge “BofA was either unwilling or unable to stop criminals”. I’ll go with unwilling.
Cool Tool
Cachedpages.com - looking for something that was online but no longer is? See if it’s been archived. The Wayback Machine works also.
Cool Job
Rental Shop Associate - Glacier Outfitters (Inside Glacier National Park)
Thank You for reading! please consider subscribing and sharing.