Threats Without Borders - Issue 130
Matt's Cyber Financial Crime Newsletter - Week ending May 14, 2023
I’m always intrigued by what draws next-day(s) follow-up questions from my talks and lectures. Rarely is it directly about my presented content. Usually, it’s something that I said off-handed or as a response to an audience question. I mentioned “Google Dorking” in a recent lecture about email phishing and received four emails requesting additional information. Is this a potential way to make a more impactful training class? Mix what you NEED to teach with something unrelated (maybe) that the audience WANTS to learn? Curiosity drives engagement. It’s really making me consider my content and delivery.
And the most interesting thing I read this week: The Law of Participation Inequality.
The 90-9-1 rule. In most online communities, 90% of users are lurkers who never contribute, 9% of users contribute a little, and 1% of users account for almost all the action.
I feel this applies not only to online communities, but also to the real-world workplace. 1% of the workers do all of the work, 9% put on a good show, and 90% could essentially be eliminated from the workforce.
https://www.nngroup.com/articles/participation-inequality/
DOS’d, Booted, and Stressed
Regular readers know I tend to geek out about Denial-of-Service attacks (targeted attacks are called Dedicated Denial of Service, DDOS). The FBI took down domains being used by 13 DDOS services that were masquerading as “booter” or “stressor” services. Most surprising is that those arrested were all domestic attackers. Good on you, FBI! https://arstechnica.com/information-technology/2023/05/feds-seize-13-more-ddos-for-hire-platforms-in-ongoing-international-crackdown/
Not the chicken strips…
I’m not making light of this terrible situation for Sysco Foods, but hopefully its current cybersecurity incident doesn’t interfere with the production of their chicken strips. You ever have them? Seriously, Sysco chicken strips are the deluxe fare of cafeterias, entertainment venues, and ballparks all across the nation. No other fried strip of poultry served by ladies in hairnets or 15-year-old amusement park workers even comes close! https://www.bleepingcomputer.com/news/security/food-distribution-giant-sysco-warns-of-data-breach-after-cyberattack/
Insider threat - and a liar
This guy stole data, attempted to make it look like other employees of the company were responsible, and then sent a ransom note to extort his employers. His biggest mistake, though, was when he “made numerous false statements to federal agents”. They tend to get upset by that, which led to the guy being charged with not only computer tampering and wire fraud but also making false statements. https://www.justice.gov/usao-sdny/pr/former-employee-technology-company-sentenced-six-years-prison-stealing-confidential
Speaking of Insider Investigations
Here are two good articles explaining the lengths Apple goes to in order to catch employees who leak product details. The effort to silo production and design teams so no one can put the entire product picture together is extensive. They also employ techniques like pixel marking, invisible watermarks, altering file names for different teams, and changing the typeface on different documents, so they can narrow a leaker's area of responsibility if a document appears online. These are probably some ideas we should all be employing in our environments to help stymie malicious insiders.
https://9to5mac.com/2023/05/11/how-apple-catches-leakers/
https://9to5mac.com/2023/05/10/apple-leaker-sting-operation-source-fired/
Whose responsibility
Elderly man gets scammed out of 3.6 million dollars. Family blames his bank and credit union. Credit union did file the appropriate report with adult protective services. Adult protective services claim he was interviewed and found mentally competent. Man sends more wire transfers. And round and round it goes… https://finance.yahoo.com/news/elderly-man-scammed-millions-could-100615736.html
The Rest…
Gmail claims it is now scanning the “dark web” for your email address. Can it really do that? No, really? https://www.theverge.com/2023/5/10/23718541/google-gmail-dark-web-report-privacy-data-security-update-io
You should probably be blocking .html attachments. https://blog.barracuda.com/2023/05/03/threat-spotlight-malicious-html-attachments-doubles/
Cool Job
Information Security Threat and Vulnerability Manager - Porsche North America. https://jobs.porsche.com/index.php?ac=jobad&id=4896
Cool Tools
Don’t do risky stuff on your own computer…do it on Joe’s. https://www.joesandbox.com/#windows
Printer-friendly version of any Wikipedia page (or properly formatted print to PDF). https://wikiprint.vercel.app/
Record your thoughts on your phone and this tool will convert them to something that makes sense. https://audiopen.ai/ (fair warning - whoever is controlling this app can probably recover your submissions - but still a cool tool)
Irrelevant
Recently become way too busy due to a life change? Some advice for “newly busy people”. Or those of us who have always been busy but can’t get it right. https://www.lesswrong.com/posts/RaNhnNjExip36NMxM/advice-for-newly-busy-people
I spoke at a small-business-focused community event last week, and afterwards I received an email from an attendee offering this comment:
“When you started out and said that you were a retired cop, I groaned inside and thought that I would have trouble staying awake. I did not.”
I’m speaking multiple times a week now and try really hard not to be the “retired cop” that just tells old war stories. I must be doing it right. I’ll be adding that endorsement to my LinkedIn profile.
Thanks for reading this week's edition.
Matt
“WISE MEN TALK BECAUSE THEY HAVE SOMETHING TO SAY; FOOLS, BECAUSE THEY HAVE TO SAY SOMETHING.” - true fools write a newsletter because they think they have something to say.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.