BuzzSec

The plants will shut down on Tuesday, halting about a third of the company’s global production. Toyota doesn’t know how long the 14 plants will be unplugged. from Threatpost https://threatpost.com/toyota-to-close-japan-plants-after-suspected-cyberattack/178686/

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only gives them another pretext to dangle in front of the unwary. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/wartime-suffering-as-phishbait

Organizations will see big wins from applying security controls early in the development life cycle. from Dark Reading https://www.darkreading.com/application-security/how-to-boost-shift-left-security-in-the-sdlc

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge “did the right thing for the wrong reasons..” from Schneier on Security https://www.schneier.com/blog/archives/2022/02/insurance-coverage-for-notpetya-losses.html

With an ongoing land war in Ukraine, everyone needs to be alert for the Kremlin's parallel disinformation campaigns. Many people simply are not aware of the massive amount of false data that is being spread by an extensive, Russia-controlled network of media outlets, websites and social media accounts. The Russian government is spreading disinformation to at least 4 different audiences :  from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/eyes-open-the-kremlin-propaganda-machine-now-works-overtime.-infographic

Ukraine's Computer Emergency Response Team calls out UNIC1151 nation-state hacking group out of Belarus as behind the attacks. from Dark Reading https://www.darkreading.com/endpoint/ukrainian-troops-targeted-in-phishing-attacks-by-suspected-belarusian-apt

Ransomware is getting worse, but Daniel Spicer, chief security officer at Ivanti, offers a checklist for choosing defense solutions to meet the challenge. from Threatpost https://threatpost.com/latest-insights-ransomware-threats/178391/

It's worthwhile to find candidates who have experience with models that embed security into their processes. from Dark Reading https://www.darkreading.com/edge-articles/top-5-interview-questions-to-ask-devops-candidates-in-2022

Having cyber insurance is a good idea if the costs make sense — it could be the difference between going out of business and staying afloat. But it shouldn't be your first course of action. from Dark Reading https://www.darkreading.com/risk/the-future-of-cyber-insurance

While extended detection and response (XDR) is effectively considered an upgrade from endpoint detection and response, enterprises must still begin with a strong EDR foundation. from Dark Reading https://www.darkreading.com/crowdstrike/putting-the-x-factor-in-xdr

A good lesson in reading the fine print : Cignpost Diagnostics, which trades as ExpressTest and offers £35 tests for holidaymakers, said it holds the right to analyse samples from seals to “learn more about human health” — and sell information on to third parties. Individuals are required to give informed consent for their sensitive medical data to be used ­ but customers’ consent for their DNA to be sold now as buried in Cignpost’s online documents. Of course, no one ever reads the fine print. from Schneier on Security https://www.schneier.com/blog/archives/2022/02/privacy-violating-covid-tests.html

The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya , which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.   from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover-risk

The story is an old one, but the tech gives it a bunch of new twists : Gemma Brett, a 27-year-old designer from west London, had only been working at Madbird for two weeks when she spotted something strange. Curious about what her commute would be like when the pandemic was over, she searched for the company’s office address. The result looked nothing like the videos on Madbird’s website of a sleek workspace buzzing with creative-types. Instead, Google Street View showed an upmarket block of flats in London’s Kensington. […] Using online reverse image searches they dug deeper. They found that almost all the work Madbird claimed as its own had been stolen from elsewhere on the internet — and that some of the colleagues they’d been messaging online didn’t exist. […] At least six of the most senior employees profiled by Madbird were fake. Their identities stitched together using photos stolen from random corners of the internet and made-up names. They included Madbird’s co-founder,

Nothing like zombie campaigns: WannaCry's old as dirt, and GandCrab threw in the towel years ago. They're on auto-pilot at this point, researchers say. from Threatpost https://threatpost.com/wannacry-gandcrab-top-ransomware-scene/178589/

Many widely used business applications aren't built to support passwordless login because identity and authentication remain siloed. from Dark Reading https://www.darkreading.com/operations/why-passwordless-is-at-an-impasse

Meanwhile, a few "alarming" infiltrations of OT networks by previously unknown threat groups occurred last year as well. from Dark Reading https://www.darkreading.com/attacks-breaches/ransomware-trained-on-manufacturing-firms-led-cyberattacks-in-industrial-sector

A Berlin-based company has developed an AirTag clone that bypasses Apple’s anti-stalker security systems. Source code for these AirTag clones is available online. So now we have several problems with the system. Apple’s anti-stalker security only works with iPhones. (Apple wrote an Android app that can detect AirTags, but how many people are going to download it?) And now non-AirTags can piggyback on Apple’s system without triggering the alarms. Apple didn’t think this through nearly as well as it claims to have. I think the general problem is one that I have written about before : designers just don’t have intimate threats in mind when building these systems. from Schneier on Security https://www.schneier.com/blog/archives/2022/02/bypassing-apples-airtag-security.html

The US National Cyber Director Chris Inglis wrote an essay outlining a new social contract for the cyber age: The United States needs a new social contract for the digital age — one that meaningfully alters the relationship between public and private sectors and proposes a new set of obligations for each. Such a shift is momentous but not without precedent. From the Pure Food and Drug Act of 1906 to the Clean Air Act of 1963 and the public-private revolution in airline safety in the 1990s, the United States has made important adjustments following profound changes in the economy and technology. A similarly innovative shift in the cyber-realm will likely require an intense process of development and iteration. Still, its contours are already clear: the private sector must prioritize long-term investments in a digital ecosystem that equitably distributes the burden of cyberdefense. Government, in turn, must provide more timely and comprehensive threat information while simultaneously

  CyberheistNews Vol 12 #08  |   Feb. 22nd., 2022 [Eye Opener] Here Are the 4 Traits of Most Scams Written by Roger Grimes There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friends' accounts are compromised all the time and I get sent scam requests for easy money. I get at least one scam message via SMS every day. My email inbox is full of phishing scams. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-12-08-eye-opener-here-are-the-4-traits-of-most-scams

A phishing campaign is targeting users of the UK-based digital banking company Monzo, BleepingComputer reports. Security researcher William Thomas came across an SMS phishing (smishing) campaign that’s sending text messages that purport to come from Monzo. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-phishing-campaign-angles-for-monzo-banking-customers

Used to disguise malicious file extensions, this legacy functionality is being repurposed in attacks to obfuscate attachment types and steal credentials in an impressive way. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/20-year-old-right-to-left-override-functionality-used-in-attacks-to-trick-microsoft-365-users-out-of-credentials

This banking trojan-turned-information-stealer has been around for nearly 15 years. But its latest iteration – seen even in the past few weeks – has stepped up in its’ ability to act quickly. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-qbot-attack-only-takes-30-minutes-to-elevate-privileges-and-steal-data

Attackers took advantage of a smart-contract migration to swindle 17 users. from Threatpost https://threatpost.com/nft-investors-lose-1-7m-in-opensea-phishing-attack/178558/

Scams follow fashion because money follows fashion. So it’s no surprise that non-fungible tokens (NFTs), which have become a hot speculative property, have drawn scam artists for phishing campaigns. They’re not so much interested in the NFTs themselves as they are in the speculators’ cash. OceanSea, a leading NFT marketplace, has responded to panicky tweets from users to reassure them that it’s on top of rumors of “an exploit” connected to the smart contracts traders use. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phishing-campaign-targets-nft-speculators

     In The Wild - CyberSecurity Newsletter Welcome to the 263 rd       issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!            Kerberoasting – The Potential Dangers of SPN Accounts SBS Educational Resources SBS CyberSecurity’s network security team performs hundreds of internal penetration tests each y