Hi I’m Matt. Welcome to Issue 34.
I had a birthday this week. I don’t feel older, but I also caught myself complaining about today’s popular music to my kids and about people who tattoo their face to a grocery store clerk. Maybe I am getting old?
I have a lengthy list of things I want to write about but I found being away from the computer much more enjoyable over the past week. It seems others have felt the same way as there were very few CyFi writings published this week.
If you read just one thing…
Make it this article by Patrick O’Neill in the MIT Technology Review. O’Neill discusses the difficulties of cracking down on cybercrime when the bad actors are protected by foreign governments, specifically Russia and Ukraine. This detailed and well-written article offers an insider look from several FBI agents who attempted to corral the most prolific Russian criminals in the early 2010s - and who still persist today. https://www.technologyreview.com/2021/07/08/1027999/fbi-russia-ukraine-cybercrime-investigation-ransomware/
Who is buying all those mattresses?
An amusing tale of mattresses and money laundering. Snopes tackles a persistent conspiracy theory that bedding retailer Mattress Firm is actually a front for laundering money. At first you’re like, C’mon, and then you’re like Ohhhh. A quick check shows I have 5 Mattress Stores within a 20 mile drive of me. But also 7 other mattress retail stores. Is there really that much demand for bedding? Is that why there are so many pizza shops? https://www.snopes.com/news/2021/07/07/mattress-firm-money-laundering/
Pandemic of fraud
As the Covid-19 pandemic goes on, so does the associated fraud. Trend Micro continues to monitor how cybercriminals use pandemic-related themes as a lure to hook victims. This blog posting is a comprehensive review of how criminals are exploiting the pandemic. https://www.trendmicro.com/en_us/research/21/g/threats-ride-on-the-covid-19-vaccination-wave.html
Phishing and Ransomware … like hand and glove
A good whitepaper jointly published by Osterman Research and Trend Micro: How to Reduce the Risk of Phishing and Ransomware. Apparently I missed this when it was first published back in March. 84% of the surveyed companies experienced a phishing or ransomware attack in the past year. Probably both. https://resources.trendmicro.com/rs/945-CXD-062/images/Reduce-Phishing-Ransomware_Trend-Micro.pdf
The rest…
The Seattle Times believes that cryptocurrency has “turbocharged” cybercrime. https://www.seattletimes.com/business/technology/quick-take-how-cryptocurrency-turbocharged-the-cybercrime-racket/
Taking a cue from the recent Kaseya attack, Quartz explains the ins and outs of the supply chain attack. https://qz.com/2030053/what-is-a-supply-chain-cyber-attack/
Unit 42 of Palo Alto Networks profiles the REvil ransomware gang and in the process gives a really good review of a ransomware infection. https://unit42.paloaltonetworks.com/revil-threat-actors/
According to the FBI, attackers are using several tactics to steal and launder cryptocurrency, including technical support fraud, SIM swapping (aka SIM hijacking), and taking control of their targets' cryptocurrency exchange accounts. https://www.bleepingcomputer.com/news/security/fbi-warns-cryptocurrency-owners-exchanges-of-ongoing-attacks/
Tools
Research that link before you click it: https://urlscan.io/
So… this tool is for the advanced user as it must be installed from a GitHub repo and run through the command line. It allows you to pull down a complete copy of a webpage - or whole site - from a cached copy stored by the Wayback Machine (Internet Archive). Super useful for OSINT and researching things of the past. https://github.com/hartator/wayback-machine-downloader/
“I WAS WRONG” BUILDS MORE RESPECT THAN “I TOLD YOU SO.” - someone smarter than me.
Thank You for reading and sharing!
Bonus
For those that enjoy low-fidelity music: https://www.lofi.cafe/
16 different stations which you cycle through with the arrow keys.