Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

2-15 – ENIAC was formally dedicated at the University of Pennsylvania on February 15, 1946 and was heralded as a “Giant Brain” by the press.

Verify Your Valentine

Original release date: February 11, 2021

This Valentine’s Day, before you go looking for love in all the wrong chat rooms, CISA reminds users to be wary of internet romance scams. At first, cyber criminals promise the reward of romance after adopting an alias to appear as a potential partner. Once your heart is hooked on hope, they turn the tables. The scammer with the illusive identity will ask for money, making promises of phony matrimony, as they finagle funds from you as a fake fiancée.

If you don’t know who you are doting on when you are dating, be cautious with your cash and keep it.

Someone tried to poison Oldsmar’s water supply during hack, sheriff says

Pinellas Sheriff Bob Gualtieri said the attacker tried to raise levels of sodium hydroxide, also known as lye, by a factor of more than 100.  Factors include weak passwords, out-of-support Windows 7 operating systems, TeamViewer access by the attacker, and possible social engineering.

First Tweet from Brian Krebs  And another: What’s most interesting about the Florida water system hack? That we heard about it at all.  Stories about computer security tend to go viral when they bridge the vast divide between gee… more  krebsonsecurity.com

Alert from CISA – AA21-042A: Compromise of U.S. Water Treatment Facility  02/11/2021 02:15 PM EST   Click here for a PDF version of this report.

What to Know Before You Watch Perseverance’s February 18 Landing on Mars

Since it launched on July 30 last year, a rocket bearing NASA’s Perseverance Rover has been charting a C-shaped course through inky-black space, hurtling toward Mars. If all goes according to plan, on February 18, the wheeled robot the size of a small car will complete its six-month-long, 292.5-million-mile journey and touch down safely on the Red Planet’s surface.

Should it succeed, Perseverance will be the fifth NASA rover ever to land on Mars, after Sojourner (1997), twin rovers Spirit and Opportunity (2004) and Curiosity (2012). The new rover, affectionately dubbed “Percy,” will scour the dusty, crater-strewn planet for evidence of ancient life and prepare the way for future human visitors.

NASA will livestream the February 18 landing on its Mars 2020 website beginning at 2:15 p.m. Eastern; the landing process is expected to begin around 3:38. More…


WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.

Ransomware is increasingly threatening both public and private networks, causing data loss, privacy concerns, and costing billions of dollars a year. These incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion.  More…

NCIJTF Releases Ransomware Factsheet

Original release date: February 5, 2021

The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques. The Ransomware Factsheet was developed by an interagency group of subject matter experts from more than 15 government agencies to increase awareness of the ransomware threats to police and fire departments; state, local, tribal, and territorial governments; and critical infrastructure entities.

How an automated pen-testing stick can address multiple security needs

Used for offensive and defensive purposes, a penetration testing device can be configured to perform automated checks on network security and more.

GnuPG crypto library can be pwned during decryption – patch now!

Many, if not most, Linux distros will be affected. Users of other operating systems should check for software that uses libgcrypt.

IBM Selectric Bug
Operation GUNMAN – how the Soviets bugged IBM typewriters in the 1970’s

From the Crypto-Museum

The Selectric Bug was a sophisticated digital eavesdropping device, developed in the mid-1970s by the Soviet Union (USSR). It was built inside IBM Selectric II and III typewriters [4] and was virtually invisible and undetectable. A total of 16 devices were found inside typewriters that were in use during at least 8 years at the US Embassy in Moscow and the US Consulate in Leningrad from 1976 to 1984.

The advanced digital bugging device was built inside a hollowed-out metal supporting bar that runs from left to right inside the IBM typewriter. It registered the movements of the print head (ball), by measuring small magnetic disturbances caused by the arms that control the rotation and elevation of the print ball. A typical IBM Selectric II typewriter is shown in the image on the right.

At least five different versions, or generations, of the bug were discovered by the Americans, some of which were powered by a DC battery voltage. Others were powered by the AC mains or both.  More…

Microsoft Warns of Windows Win32k Privilege Escalation

Original release date: February 9, 2021

Microsoft has released a security advisory to address an escalation of privileges vulnerability, CVE-2021-1732, in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

CISA encourages users and administrators to review Microsoft Advisory for CVE-2021-1732 and apply the necessary patch to Windows 10 and Windows 2019 servers.

Beware of technical “experts” bombarding you with bug reports

Beware pseudo-geeks bearing ‘gifts’.

We’re all appalled at scammers who take advantage of people’s fears to sell them products they don’t need, or worse still products that don’t exist and never arrive.

Worst of all, perhaps, are the scammers who offer products and services that do exactly the opposite of what they claim – making their victims pay up simply to make them even easier to defraud in future.

Safer Internet Day – Why not up your game?

Four tips for Safer Internet Day

Using Legitimate Services to Bypass Phishing Protections

Researchers at Abnormal Security have identified two techniques that attackers are using to bypass email security filters. The first tactic takes advantage of the fact that Microsoft Office 365 sends automated read receipts for emails that are deleted without being read.  More…

TrickBot Is Targeting Your Lawyers

Researchers at Menlo Security warn of an ongoing Trickbot campaign targeting the legal and insurance industries. Trickbot is a notorious remote access Trojan that was in the crosshairs of separate operations by US Cyber Command and Microsoft late last year.

While these operations crippled the malware’s botnet ahead of the US elections, they weren’t expected to deal the malware permanent damage. Menlo Security says this new campaign is a sign that Trickbot’s operators are back on their feet.  More…

Ransomware Cybergangs Are Now Calling Their Victims

After successfully infecting companies’ IT networks with ransomware, some cybergangs are now calling those businesses to intimidate them into paying the ransom. Find out more about […]

The post Ransomware Cybergangs Are Now Calling Their Victims appeared first on CHIPS.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.