Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


You can’t keep quiet when you’re hacked anymore

If you try to hide that your business has been hacked or you’ve paid ransomware, the Cybersecurity and Infrastructure Security Agency would like a word with you.

One of the dirty little secrets of many businesses, perhaps even most, is that far more of them than ever admit to it have been hacked. Still others end up paying ransomware, but they’ve never revealed this deep, dark secret. After all, who wants to admit to the world — and their customers — that they’ve been caught with their security pants down?

Well, things are about to change. In the recently signed $1.5 trillion government funding bill were new cybersecurity laws requiring companies to quickly report data breaches and ransomware payments. More…


We are NOT going back to the office – ever!

Why not? Here are the big five reasons:

  • Commuting – we got back 2 hours per day that we used to spend in traffic jams. I have heard that people are demanding to be paid time or mileage rates for commuting. No more “free rides.”
  • Time-shifting – Quality work is getting done at home, but at a time of the employee’s choosing, making it easier to manage child-care, school, and family obligations with work projects and tasks.
  • Work-life balance – More time for families in the new work-from-home environment. Also, no time lost to pointless commuting.
  • Meetings – Let’s get serious, most meetings are a waste of time. Zoom and Teams make it possible to “attend” a meeting in the background while actually doing productive work at the same time.
  • I quit – If employers try to force the issue, their employees are quitting in record numbers.

Here’s the latest on this trend from Computerworld:  As Omicron wanes, where does that leave working from home?


Internet Access for Kids: A Guide for Parents

As we all know, there is a lot of content on the Internet that is just not suitable for younger users. This article goes into some depth to help parents establish boundaries and control over their children’s Internet usage. It is loaded with tips and techniques that any parent could use.


FBI and FinCEN Release Advisory on AvosLocker Ransomware

Original release date: March 22, 2022

The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors.

CISA encourages organizations to review the joint Cybersecurity Advisory and apply the recommended mitigations.


5 things Linux needs to seriously compete in the desktop market that you probably never considered

Jack Wallen takes on the age-old question of what Linux needs to succeed on the desktop. This time around, his answers have nothing to do with software.


Web vendor CafePress fined $500,000 for giving cybersecurity a low value

Just because you’re the victim of a cybercrime doesn’t let you off your cybersecurity obligations.  Bad security = big fines.


GOLD ULRICK Leaks Reveal Organizational Structure and Relationships

Messages reveal collaboration and support among threat groups.

Since February 27, 2022, the Twitter @ContiLeaks account and other online personas have been leaking communications containing details about threat actors and their operations. The leaks include more than 160,000 messages exchanged among nearly 500 threat actors between January 2020 and March 2022. The messages reveal close relationships among multiple threat groups and details about the GOLD ULRICK and GOLD BLACKBURN threat groups’ operations. Leaked source code and tool repositories offer unprecedented insights into previously unknown threat actors.  More…


Microsoft warns of destructive attacks by Lapsus$ cybercrime group

Using social engineering rather than traditional ransomware tactics, the Lapsus$ group has already hit multiple organizations, says Microsoft.

A relatively new cybercriminal group has quickly gained an infamous reputation for its unique tactics and successful attacks against several major organizations. Known as Lapsus$, the gang uses social engineering to target its victims and has reportedly hit such companies as Samsung, Okta, NVIDIA and Microsoft. In a blog post published Tuesday, March 22, Microsoft provides insight into the group’s tactics and techniques and offers tips on how to protect your organization from these attacks.


Well that was fast!

UK police arrest 7 hacking suspects – have they busted the LAPSUS$ gang?

Seven alleged hackers have been arrested in the UK, as of Friday March 25.  But who are they, and which hacking crew are they from?


I am not in any way endorsing their crimes.  Nevertheless, they probably would be turned down for any entry level IT job they applied for, no experience, no certs, no school.  But mad, wicked skills (literally).  And an unfortunate lack of ethics.

Reminds me of a case I worked for a client that was a very prestigious, expensive, residential college preparatory academy (high school).  A student had hacked the school’s computer system and changed the grades for himself and some friends.  I asked the IT Director what had happened to the student, and per school policy he had been expelled.  It was a shame really, the kid had skills and a desire to learn, but no guidance.  They could have recruited him into the IT department, worked out an alternative punishment, and led him to a legal career in IT or cybersecurity.  Someone just needed to change his direction, and put him on the right path.  God only knows what mischief he is into now.


Serious Security: DEADBOLT – the ransomware that goes straight for your backups

Some tips on how to keep your network safe – even (or perhaps especially!) if you think you’re safe already.


Feb 10, 2022 — On top of 3G being phased out in 2022, the transition period to swap from legacy POTS and ISDN lines to IP alternatives ends this August.


NVIDIA Leads AI Development of Metaverse and Digital Twins

Digital Twin worlds include long-range global weather forecasting and global highway grid.

NVIDIA researchers are working with universities around the U.S. on a new system that can track atmospheric rivers and predict catastrophic rain storms up to a week in advance.

Researchers are building this forecasting model with Earth-2, a digital twin supercomputer, and FourCastNet, a physics-informed deep learning model that was trained on 40 years of weather data.

“For the first time a deep learning model has achieved better accuracy and skill on precipitation forecasting than state-of-the-art numerical models,” he said. “It makes predictions four to five orders of magnitude faster.”

In addition to forecasting the world’s weather, NVIDIA is using its autonomous vehicle and mapping software to create a digital twin of the world’s roads.

“By the end of 2024, we expect to map and create a digital twin of all major highways in North America, Western Europe and Asia–about 500,000 kilometers,” he said.

The map will be expanded and updated by millions of passenger cars, Huang said. The company is also building an earth-scale digital twin to train its AV fleet and test new algorithms. More...


And in a related story:

U.S. Copyright Office Rules A.I. Art Can’t Be Copyrighted

An image generated through artificial intelligence lacked the “human authorship” necessary for protection


How to benchmark a website with the Siege command-line tool

Need to stress-test your websites to see how well they’re performing? Jack Wallen shows you how with the command-line Siege tool.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com