AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 11/20/2023

U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem 

U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that’s known to employ sophisticated phishing tactics to infiltrate targets. “Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs,” the agencies said. The threat actor, also tracked under the monikers Muddled Libra, Octo Tempest, 0ktapus, Scatter Swine, Star Fraud, and UNC3944, was the subject of an extensive profile from Microsoft last month, with the tech giant calling it “one of the most dangerous financial criminal groups.” 


UnitedHealth uses AI model with 90% error rate to deny care, lawsuit alleges 

UnitedHealthcare, the largest health insurance company in the US, is allegedly using a deeply flawed AI algorithm to override doctors’ judgments and wrongfully deny critical health coverage to elderly patients. This has resulted in patients being kicked out of rehabilitation programs and care facilities far too early, forcing them to drain their life savings to obtain needed care that should be covered under their government-funded Medicare Advantage Plan. That’s all according to a lawsuit filed this week in the US District Court for the District of Minnesota. The lawsuit is brought by the estates of two deceased people who were denied health coverage by UnitedHealth. The suit also seeks class-action status for similarly situated people, of which there may be tens of thousands across the country. 


White House to update recently released cybersecurity strategy 

White House Office Federal Chief Information Security Officer and Deputy National Cyber Director Chris DeRusha said the Biden administration is already reexamining the implementation plan for its recently published national cybersecurity strategy, CyberScoop reports. “We’re already working on version 2.0,” said DeRusha, who described the document as “evolving” and “not a static thing.” Specifically, the administration is thinking beyond modernizing its deployed technologies, which DeRusha acknowledged won’t be enough to attain the government’s cybersecurity goals.


Bloomberg Crypto X account snafu leads to Discord phishing attack 

The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link to a Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members. According to ZachXBT, Bloomberg previously maintained an older Telegram channel under the username @BloombergNewsCrypto, a detail shared on X/Twitter in August 2023. 


News anchors targeted by deepfake scammers on Facebook 

In a Facebook video viewed by thousands, CNN’s Wolf Blitzer appears to hawk a diabetes drug. In another, “CBS Mornings” host Gayle King seems to endorse weight loss products. But the clips are doctored—the latest in a rash of deepfakes that hijack images of trusted news personalities in spurious ads, undermining confidence in the news media. Similar social media posts in recent months have targeted Fox News personality Jesse Watters, CBC host Ian Hanomansing and BBC stars Matthew Amroliwala and Sally Bundock. 


FCC adopts new rules to protect against SIM-swapping attacks 

The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC’s Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information by swapping SIM cards or transferring phone numbers to different carriers without obtaining physical control of their targets’ devices. 


The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season 

As the annual Black Friday approaches, the digital landscape experiences an unprecedented surge in e-commerce and online shopping activity. Major sales aside, e-commerce is still a huge market. In 2022, global e-commerce retail revenue was estimated to reach $5.7 trillion worldwide, marking nearly a 10% increase compared to the previous year. The annual Black Friday rise in online transactions sets the stage for a cyber-battleground, where malicious actors exploit users’ interest in online shopping. Against this backdrop, our report delves into the intricate web of cyberthreats relating to e-commerce and the Black Friday season. As consumers flock to online platforms in search of exclusive deals, the threatscape also witnesses increased fraudulent and cybercriminal activity, which necessitates a comprehensive understanding of the cybersecurity challenges faced by individuals during this festive shopping spree. 
