My dislike for fictional content extends to video games. I have never been a gamer and my knowledge of such entertainment is relegated to overheard conversations or inadvertently consumed Internet content.
This story though, is something that all of us should be concerned about, whether you’re a cybercrime investigator, security practitioner, or just a decent human being.
A female gamer and Twitch streamer known by the gamertag QTCinderella, went online recently to discuss the devastating emotional effects of seeing her likeness used to create “deep-fake” pornography. There’s no need to go into the horrifying specifics, but you can read the linked article for additional information.
The advancement of Artificial Intelligence and video graphics processing technology is only going to accelerate this problem with more and more young people finding themselves, or at least their “likeness”, starring in these videos.
Is law enforcement prepared to confront this? Is there even a law being violated? How are security practitioners going to respond when they get a notice their companies technology is propagating this content? How are financial institutions going to respond when they learn of financing these services?
I think we need to start answering these questions. And quickly.
Card fraud is popular
I can’t vouch for this organization or their study standards, but the results of this survey ring true. Security.org conducted a survey of 1000 U.S. adults who hold a credit card account and found…put down your mug…most of them have been victims of card fraud. 65% of them to be exact. Another finding, not surprising but still disappointing, is that only 1 of 10 victims reported the incident to law enforcement. Maybe the police will conduct an investigation, maybe they won’t, but reporting helps provide a clearer picture of the problem. And even a blind squirrel finds the occasional nut. https://www.security.org/digital-safety/credit-card-fraud-report/
Malicious insiders are ageless
This Pennsylvania town fired its manager after “serious financial discrepancies” came to light. Officials refused to provide details on how much money was unaccounted for but did say the manager had held the position for 28 years. Yeah, theres probably a lot unaccounted for. Everyone is capable of becoming a malicious insider no matter how long they worked for an organization or how much they are “beloved”. https://www.pennlive.com/news/2023/02/cumberland-county-borough-fires-manager-after-discovering-serious-financial-discrepancies.html
So easy…
Ransomware as a Service (RaaS) has made running a ransomware campaign so easy even script kids can do it. Microsoft published a brief advising its security teams are tracking more than 100 ransomware gangs and over 50 unique ransomware families. https://www.bleepingcomputer.com/news/security/microsoft-over-100-threat-actors-deploy-ransomware-in-attacks/
Surprisingly pleasant
KELA recently released the report “Telegram: How a messenger service turned into a cybercrime ecosystem” and it’s a very detailed report. Many times these styled reports just give enough to get your attention and ask for more. It’s a sales pitch. In this report, KELA pretty much gives you the whole product, no strings attached. Well worth your time to read it. https://ke-la.com/wp-content/uploads/2023/02/KELA_Telegram_CEBIN.pdf
The Rest…
Tripwire takes a closer look at sextortion scams. https://www.tripwire.com/state-of-security/sextortion-scams-how-they-persuade-and-what-to-watch-for
Pennsylvania Department of Revenue warns of a scam letter targeting tax payers. https://www.msn.com/en-us/news/politics/state-warns-of-scam-letter-targeting-pennsylvanians-at-tax-time/ar-AA17awzV
Nigerian nationals plead guilty to crimes stemming from BEC attacks and Work-From-Home scams. https://www.justice.gov/usao-az/pr/nigerian-nationals-victimize-us-persons-through-cyber-enabled-fraud-schemes
Cool Job
Senior Director, Fraud Operations - Prosper https://jobs.lever.co/prosper/a8f2e6e2-497a-449e-8481-68a547ec6a73
Information Security Specialist - Artisans’ Bank https://www.artisansbank.com/information-technology-specialist
Cool Tool
A search engine that knows nothing about you and can’t learn. https://www.qwant.com/
Que John Denver…
Can someone please help me get a subscriber from West Virginia? I understand Kansas or Wyoming. But WV? It’s my next door neighbor!
Thanks for opening the email this week. And a special thanks to everyone that stuck around after last weeks button snafu. Oh…that damn rodent said more winter to come. When does groundhog hunting season open?
Cheers.
Matt
“Focus is repeatedly saying no to almost everything”. No.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.