It is not lost on me that I write a newsletter titled “Threats Without Borders” from the safety and security of my office when we have young Americans dying from real threats in very dangerous places afar.
Please take a few minutes to honor these true heroes and American patriots.
https://www.foxnews.com/world/these-are-the-us-service-members-killed-in-the-kabul-airport-attack
Dislike Chrome
Forbes cybersecurity columnist Zak Doffman wrote a very stern piece about the evil of the Chrome web browser. Doffman explains how Google markets your information for profit. Privacy does not exist when using Chrome! From the article: “Research has shown that up to 52 companies can theoretically observe up to 91% of the average user’s web browsing history,” a senior Chrome engineer told a recent Internet Engineering Task Force call, “and 600 companies can observe at least 50%.” The true shame is that Chrome is such a good product - at least functionally. Protecting your data and privacy - not so much. https://www.forbes.com/sites/zakdoffman/2021/08/28/stop-using-google-chrome-on-windows-10-android-and-apple-iphones-ipads-and-macs/
Everyone pays for BEC
The town of Peterborough, New Hampshire, is out 2.3 million dollars after a town clerk fell for a Business Email Compromise scam. The town has a population of 6600, so that means each citizen will be on the hook for $348 to recoup the lost funds. I wonder if the town ever conducted any phishing/email security training? Statistically, the answer is no. https://www.bleepingcomputer.com/news/security/new-hampshire-town-loses-23-million-to-overseas-scammers/
Good ol’ DIY Justice
Here is an interesting story about a man who fell for a scam and lost 16 bitcoin ($768,000 USD at current price). He conducted his own investigation, with some help from professional investigators, and eventually identified the persons responsible for his loss. The problem, though, is that the suspects are minors. No problem, file a lawsuit against their parents. https://arstechnica.com/tech-policy/2021/08/man-robbed-of-16-bitcoin-hunts-down-suspects-sues-their-parents/
Call the cops, no wait…
Whether or not to report cybercrime victimization to law enforcement, specifically network intrusions or ransomware, has been a hot issue lately. This article in ComputerWeekly claims that doing so provides no benefit to the victim business and only reduces recovery time. Debatable. It really comes down to communication. Security professionals don’t always see the big picture view of law enforcement and law enforcement investigators don’t always see the big picture view of cyber security professionals. https://www.computerweekly.com/news/252505828/Calling-the-cops-for-ransomware-attacks-doesnt-help-say-cyber-pros
The Rest…
CISA issued a warning concerning hurricane-related scams. https://us-cert.cisa.gov/ncas/current-activity/2021/08/21/hurricane-related-scams
The FBI released a Flash Bulletin concerning the new Hive Ransomware and noting several indicators of compromise. https://www.documentcloud.org/documents/21049431-fbi-flash-hive-ransomware-iocs
A Romanian national was sentenced to 140 months in federal prison for his part in wide-ranging auction fraud, phishing attacks, and card cloning. https://www.irs.gov/compliance/criminal-investigation/romanian-national-man-sentenced-to-140-months-for-money-laundering-conspiracy
Kudos to several California and federal law enforcement agencies for securing the indictment of eight people involved in a national grandparent scam. The group is accused of stealing over 2 million dollars from elderly victims all over the nation. https://www.justice.gov/usao-sdca/pr/eight-indicted-nationwide-grandparent-fraud-scam
Cool Tools…
Find out if that organization is really tax exempt: https://apps.irs.gov/app/eos/
Convert all the files: https://fileconverter.digital/
Go for a walk. It’s healthy for you, physically and mentally!
https://www.salon.com/2021/08/28/walking-and-spontaneous-fluctuations-brain/
Geeky Bonus: For those who like to dig a little deeper - a nice write-up on investigating phishing domains. https://0xdf.gitlab.io/2021/08/27/pivoting-off-phishing-domain.html
Last week’s issue resulted in the most page views ever for this publication. Thank you, and please continue to share.
Matt