A quick Saturday digest of cybersecurity news articles from other sources.
Microsoft, Mayo Clinic, Oracle among coalition to develop digital COVID-19 vaccination passport
Every immunization recipient worldwide will have access to the credential, which will speed the return to travel, school, or work.
Raindrop Malware Discovered in SolarWinds Breach
More details continue to emerge about the serious SolarWinds breach as it was recently discovered that another strain of malware was used in the attack. Raindrop is used as a loader that delivers a payload of Cobalt Strike. It is similar to the well-known Teardrop tool, but with some notable differences. Teardrop is delivered through the Sunburst backdoor, while Raindrop is used to spread across the victim’s… Read more
Ghost hack – criminals use deceased employee’s account to wreak havoc
Most companies are quick to remove ex-staff from the payroll, but often not so quick to shut down their network access.
FTC Reports Scammers Impersonating FTC
Original release date: January 26, 2021
The Federal Trade Commission (FTC) has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information. The real FTC does not require such information and scammers can use this information to steal consumers’ money and identities.
CISA encourages consumers to review the FTC blog post and CISA’s Security Tips on Avoiding Social Engineering and Phishing Attacks and Preventing and Responding to Identity Theft.
Emotet malware taken down by global law enforcement effort
The infamous botnet has been disrupted thanks to an international effort across the US, Canada, and several European nations.
On Tuesday, the European Union Agency for Law Enforcement Cooperation (Europol) announced that the Emotet botnet has been disrupted as a result of efforts from law enforcement and judicial authorities across several countries. As part of a coordinated action, investigators have taken control of Emotet’s infrastructure, effectively putting a halt to its malicious activities.
Emotet’s infrastructure consisted of several hundred servers located around the world, according to Europol. Each server individually and together helped the attackers behind the operation manage infected computers, spread the malware to new victims, serve other criminal groups, and strengthen their network against takedown attempts.
Cybersecurity tips for university students
An informal survey of 15 students suggested that most were unconcerned about cybersecurity. Don’t be one of them!
Department of Justice Launches Global Action Against NetWalker Ransomware
The Department of Justice today announced a coordinated international law enforcement action to disrupt a sophisticated form of ransomware known as NetWalker.
NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims. More…
A 6 year old became the world’s youngest computer programmer
Now 7, Kautilya Katariya set a new Guinness World Record for completing IBM’s AI certification. Get them while they are young, before the education system can destroy them with conformity.
Security Researchers in the Crosshairs: 4 Ways North Korea Is Targeting Them
Security researchers are some of the unsung heroes within the InfoSec field. They are the ones who look for and discover vulnerabilities before anyone else in the world knows about them. However, because they are heroes, they are also targets. Google’s Threat Analysis Group (TAG) has been working for several months to try to identify who is behind an ongoing campaign targeting security researchers, specifically those who work on vulnerability research and development at a variety of organizations. Google’s TAG team has identified the threat actors behind this campaign as a “government-backed entity based in North Korea.” The North Korea based threat actors are using a number of different strategies to target security researchers. Let’s take a look at four of them… Read more
Chris DeRusha Named New U.S. CISO, Who Is He?
The United States of America has a new Chief Information Security Officer, and his name is Chris DeRusha. DeRusha recently updated his LinkedIn profile to his new role: CISO of the U.S. Government. Some were not surprised, as he was the top cybersecurity official on President Biden’s campaign. He also served as a White House cybersecurity official during the Obama administration. As the Federal CISO… Read more
The mystery of the missing Perl website
A long-running domain supporting the popular programming language Perl has suddenly vanished. We don’t yet know how or why.
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com