The rain from Tropical Storm Henri provided me some cover to stay inside and catch up on some long overdue writing. One of the pieces I finished was inspired by various ransomware groups actively recruiting employees to infect the networks of their employers. Any organization that runs a computer, even just one, is open to a ransomware attack. Any organization that has employees faces harm inflicted by an insider, malicious or just careless. Read the full article HERE.
Please remember The Mule Project as your investigations identify money mules. The more data we can collect, the more connections we can make. The more connections we make, the more fraud networks we shut down. Both law enforcement and financial institution security investigators can make submissions.
Insiders…again
Malicious insiders don’t always take actions that harm the company. The SEC charged three Netflix employees who were using their insider knowledge for personal profit. The employees were using confidential subscriber count numbers to trade the company’s stock prior to earnings announcements. The complaint alleges the group made more than $3 million during the scheme. The true nugget in the article is the note that the SEC uncovered the trading ring by using data analysis tools to identify the traders' improbably successful trading over time. I’d like to learn more about that. https://www.sec.gov/news/press-release/2021-158
Targeting small and mid-sized banks
Gemini Advisory warns of an uptick in phishing attacks targeting customers of small to mid-sized banks. The reason is obvious: the large national banks have sizable security budgets with the staff to better combat such attacks. The article goes into detail explaining how the fraudsters are identifying and targeting customers of smaller banks. One of the ways is using the old credit card dumps that proliferate on the underground card forums. Sure, the card data is no longer good, but the customer is probably still a customer of the financial institution. Cue the BIN search. https://geminiadvisory.io/amid-phishing-boom-fraudsters-target-small-and-mid-sized-banks/
Credential stuffing
The FBI issued a warning concerning an uptick in attacks on grocery and food delivery services. The accounts are compromised through a hack known as “credential stuffing”. This happens when the attackers obtain a confirmed username and password for one web service and then attempt to use those credentials at other sites. This works because people re-use passwords. With billions of user credentials having been leaked online following security breaches over the past decade, credential stuffing attacks are now common across a wide spectrum of industry verticals. https://therecord.media/fbi-warns-of-credential-stuffing-attacks-against-grocery-and-food-delivery-services/
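For defenders, the pattern described above shows up in login logs as one source touching many accounts only once or twice each, with most attempts failing. The sketch below is an added example, not taken from the FBI notice or the linked article; the log format, the documentation-range IP addresses and the thresholds are all assumptions.

```python
from collections import defaultdict

# Constructed sample log: timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2021-08-20T10:00:01Z 203.0.113.7 alice@example.com FAIL
2021-08-20T10:00:02Z 203.0.113.7 bob@example.com FAIL
2021-08-20T10:00:03Z 203.0.113.7 carol@example.com OK
2021-08-20T10:00:04Z 203.0.113.7 dave@example.com FAIL
2021-08-20T10:00:05Z 203.0.113.7 erin@example.com FAIL
2021-08-20T10:01:00Z 198.51.100.4 gina@example.com FAIL
2021-08-20T10:01:09Z 198.51.100.4 gina@example.com FAIL
2021-08-20T10:01:20Z 198.51.100.4 gina@example.com OK
2021-08-20T10:02:00Z 192.0.2.10 henry@example.com OK
2021-08-20T10:02:30Z 192.0.2.10 iris@example.com OK
"""


def parse(log_text):
    """Yield (ip, username, succeeded) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("OK", "FAIL"):
            yield parts[1], parts[2].lower(), parts[3] == "OK"


def find_stuffing_sources(log_text, min_users=5, max_tries_per_user=2.0,
                          max_success_rate=0.5):
    """Flag sources that try many accounts a few times each and mostly fail.

    Thresholds are illustrative assumptions; tune them on real traffic.
    """
    attempts, users, hits = defaultdict(int), defaultdict(set), defaultdict(set)
    for ip, user, ok in parse(log_text):
        attempts[ip] += 1
        users[ip].add(user)
        if ok:
            hits[ip].add(user)
    flagged = {}
    for ip, total in attempts.items():
        n = len(users[ip])
        if (n >= min_users and total / n <= max_tries_per_user
                and len(hits[ip]) / n <= max_success_rate):
            # Accounts where a reused password worked need a reset first.
            flagged[ip] = {"attempts": total, "distinct_users": n,
                           "compromised": sorted(hits[ip])}
    return flagged
```

In the sample, only 203.0.113.7 is flagged: the repeated tries against a single account from 198.51.100.4 and the two clean logins from 192.0.2.10 do not match the many-accounts, few-tries shape.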
Holy Bitcoin
An Akron, Ohio man has agreed to forfeit 4,400 bitcoins as part of a plea agreement for money laundering charges. At the time of this writing, bitcoin is at $49,721 USD. Dude had $218,772,440 worth of bitcoin! Larry Harmon ran the bitcoin mixing service Helix and also the Grams Market. Considering he’s only making a commission, imagine how much money actually passed through his services. https://www.cnbc.com/2021/08/18/ohio-man-guilty-in-darknet-bitcoin-cryptocurrency-laundering-conspiracy.html
The Rest…
A Pennsylvania couple has been indicted in the Middle District of Pennsylvania for a romance scam that netted them hundreds of thousands of dollars. https://www.pennlive.com/crime/2021/08/feds-say-central-pa-couple-used-online-dating-to-bilk-lovesick-victims-out-of-hundreds-of-thousand-of-dollars.html
One-quarter of all legal demands on Google are geofence warrants. No wonder it takes six months to get one back. https://techcrunch.com/2021/08/19/google-geofence-warrants/
I don’t know how, but Area 1 Security claims they have analyzed 31 million phishing attacks and found the potential loss to be $354 million. https://finance.yahoo.com/news/area-1-security-research-analyzes-130000920.html
The SEC claims they are getting super-serious (finally) and will be cracking down on those companies who fail to disclose data breach and security issues. https://www.natlawreview.com/article/sec-still-cyber-serious-about-disclosures
Cool Tools
Go back in time with World Imagery Wayback
Save Twitter posts as images with Poet.so
For those that like to watch the weather: Windy.com
“If you're ridin' ahead of the herd, take a look back every now and then to make sure it's still there with ya” - someone smarter than me.
Thank you for reading another edition. Please consider sharing with a friend or colleague and help me reach 500 subscribers by the end of the year!
Matt