AboutDFIR.com – The Definitive Compendium Project

InfoSec News Nuggets 08/31/2022

Singapore clocks higher ransomware attacks, warns of IoT risks

Ransomware and phishing attacks continue to climb in Singapore, hitting small and midsize businesses (SMBs) and social media platforms. Cybercriminals also are expected to turn their attention to Internet of Things (IoT) devices and crypto-based transactions, leveraging the lack of security safeguards on these platforms. Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than half of spoofed targets. This might have been due to threat actors looking to exploit public interest in WhatsApp’s announcement to update its privacy policy, said Singapore’s Cyber Security Agency (CSA) on Monday, when it released its Singapore Cyber Landscape 2021 report.


Did you hear about the student loan announcements? Scammers did, too

You’ve probably already heard about the new government plan that will forgive some federal student loans, once it’s up and running. Also in the news: the federal student loan payment pause has been extended to December 31, 2022. But scammers are watching the news, too, so know this: you don’t need to do anything or pay anybody to sign up for the new program — or the pause. Nobody can get you in early, help you jump the line, or guarantee eligibility. And anybody who says they can — or tries to charge you — is (1) a liar, and (2) a scammer.


FBI responds to Mark Zuckerberg claims in Joe Rogan show

The day after Mark Zuckerberg said that Facebook limited a polarizing story ahead of the 2020 election because of an FBI warning, the federal agency said it can only alert a private entity of a potential threat, not require it to take action. In an episode of the “Joe Rogan Experience” podcast made available Thursday, Zuckerberg said that although the FBI didn’t specifically name a New York Post article about Hunter Biden’s laptop, it “fit the pattern” of what the FBI warned about. The Facebook cofounder said the FBI is a “legitimate institution” and that the warning prompted him to “take that seriously.” The story was allowed to remain on Facebook, albeit with limited exposure, Zuckerberg said.


Women make up just 24% of the cyber workforce. CISA wants to fix that

As the race to recruit female talent in STEM continues moving ahead with steady progress, stunning statistics still wrack the cybersecurity sector: Women working in cybersecurity currently account for less than one quarter of the overall workforce. Megan Rapinoe. Sister Rosetta Tharpe. Shirley Chisholm. Donning jeans and a Ukrainian flag t-shirt, the director of the nation’s lead cybersecurity agency ticked through PowerPoint slides of women “who took a sledgehammer to the glass ceiling.” “I need your help,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, on Friday to an audience of 1,700 female cybersecurity professionals assembled for a three-day technical conference in Cleveland. “We need to get to 50% of cybersecurity by the year 2030. Think we can do it?” Someone whistled. AC/DC pulsed through the speakers. “Come on!” Easterly rallied.


Google’s open-source bug bounty aims to clamp down on supply chain attacks

Google has introduced a new vulnerability rewards program to pay researchers who find security flaws in its open-source software or in the building blocks that its software is built on. It’ll pay anywhere from $101 to $31,337 for information about bugs in projects like Angular, GoLang, and Fuchsia or for vulnerabilities in the third-party dependencies that are included in those projects’ codebases. While it’s important for Google to fix bugs in its own projects (and in the software that it uses to keep track of changes to its code, which the program also covers), perhaps the most interesting part is the bit about third-party dependencies. Programmers often use code from open-source projects so they don’t continuously have to reinvent the same wheel. But since developers often directly import that code, as well as any updates to it, that introduces the possibility of supply chain attacks. That’s when hackers don’t target the code directly controlled by Google itself but go after these third-party dependencies instead.


How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication.
