Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Rise of cloud-delivered malware poses key security challenges

The delivery of cloud-based malware also shot up in 2022, triggered by an increase in the volume of apps being exploited to launch malware and the number of malicious downloads from popular apps. For the year, Netskope found 400 distinct cloud applications delivering malware, almost triple the number of the previous year. Some 30% of all malicious downloads from the cloud came from Microsoft OneDrive, followed by 8.6% from web hosting site Weebly and 7.6% from the software hosting site GitHub.

As more organizations have turned to the cloud to store and work with their data, applications and other assets, cybercriminals are increasingly exploiting cloud-based services to set up malicious downloads. A new report from network security provider Netskope looks at the rise in cloud-delivered malware and provides tips on how to protect your organization from these threats.  More..

CISSP: My Experience

This is an excellent write-up from a recent successful CISSP test-taker, u/Borderskip. They passed the exam at 125 questions, which means they were darn near perfect! The most recent release of the CISSP uses somewhere between 125 and 175 questions to prove your proficiency over the eight domains. You can read the full article on their blog Tech Kettle or on Reddit.

The Best & Worst States in America for Online Privacy

This is a comprehensive look at privacy laws in America from the Private Internet Access blog and definitely worth a read.

Multi-million investment scammers busted in four-country Europol raid

216 questioned, 15 arrested, 4 fake call centres searched, millions seized…

According to Europol, 216 people were questioned in Bulgaria, Cyprus, Germany and Serbia; 15 have already been arrested; 22 searches were conducted, including at four separate call centres; and about $1,000,000 in cryptocurrency was seized.

Law enforcement also confiscated €50,000 in cash; got hold of numerous electronic devices, presumably including laptops, servers, phones and backup devices; and towed away three vehicles.

As we’ve mentioned before, scammers’ cars are often at the show-off end of the vehicular spectrum, and thus worth lots of money, but also potentially include valuable forensic evidence from their numerous on-board computer systems.  More…

Identity thieves bypass security questions to access Experian credit reports

By simply changing part of the URL, anyone could access full credit reports at Experian using just a person’s social security number and some basic information.  More…

NASA Satellite Falls Back to Earth After Almost 40 Years in Space

After more than 38 years orbiting Earth, NASA’s Earth Radiation Budget Satellite (ERBS) has returned home.

The craft reentered Earth’s atmosphere over the Bering Sea at 11:04 p.m. Eastern time on Sunday, NASA says in a statement. The agency anticipated that most—but not all—of the satellite would burn up as it sped through Earth’s atmosphere. While the return of ERBS calls attention to the mission’s success, its reentry has put a spotlight on the dangers of space debris.  More…

[Bob says: I have been using the illustration of falling satellites, space debris, and meteorites as an example of very low probability risk.  Maybe not that low of a probability these days?  With hundreds of LEO satellites being launched for satellite Internet services such as Starlink, the risk from ground strikes by space debris is growing.]

Ultimate Guide to Being a Freelancer [2023 Update]

I have spent half of my work life as a self-employed entrepreneur, and have worked at many projects that could be easily called “freelance.”  This article goes into detail about what freelancing is and how it works.

Serious Security: Unravelling the LifeLock “hacked passwords” story

Four straight-talking tips to improve your online security, whether you’re a LifeLock customer or not.

There is a lot more to this article, and definitely worth a read.  More..

CISA Updates Best Practices for Mapping to MITRE ATT&CK®

Original release date: January 17, 2023

Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE ATT&CK® framework is a lens through which network defenders can analyze adversary behavior and, as CISA Executive Assistant Director Eric Goldstein noted in his June 2021 blog post on the framework, it directly supports “robust, contextual bi-directional sharing of information to help strengthen the security of our systems, networks, and data.” CISA highly encourages the cybersecurity community to use the framework because it provides a common language for threat actor analysis.

CISA coordinated this update of the best practices with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI), a DHS-owned R&D center operated by MITRE. The update covers changes that the MITRE ATT&CK team made to the framework since CISA initially published the best practices in June 2021. The update also covers common analytical biases, mapping mistakes, and specific ATT&CK mapping guidance for industrial control systems (ICS).


Security Matters: New year, new security strategy?

A new year is a great time for new beginnings, and there’s no better time to take a hard look at upping your security game. If your organization has been relying on security through obscurity (“we’re too small or too unimportant for attackers to bother”), you’re living on borrowed time. Industry experts are predicting that 2023 will bring new and more sophisticated hacks and attacks, more dangerous forms of malware, the growth of hacktivism, and a surge in cyberthreats.

Cyber attackers are increasingly targeting small and mid-size businesses. Because you can’t afford to pour as much money into security as large enterprises do, criminals see your company as low-hanging fruit. According to some statistics, almost half (46%) of breaches impacted small businesses in recent years, and over 60% of SMBs experienced attacks.

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.

At least one prominent user on the cryptocurrency scene has fallen victim to the campaign, claiming it allowed hackers to steal all their digital crypto assets along with control over their professional and personal accounts.

While this is not a new stratagem, threat actors appear to use it more often. In October last year, BleepingComputer reported on a massive campaign that relied on more than 200 typo-squatting domains for over two dozen brands to mislead users. More…





About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
