Friday, February 03, 2017

It’s that time of year again!
When someone appearing to be your boss emails you and says they urgently need you to send them employees’ W-2 information from 2016, what do you do?  Well, if you haven’t been trained properly or reminded often enough – or if your employer doesn’t have safeguards in place that might prevent you from just sending an email with an attachment out of the system – you might fall for the scam and email criminals the requested information.
If you don’t want to be hated by your colleagues whom you have put at risk of tax refund fraud and identity theft, when you get a request to email W-2 information, STOP and consult with a supervisor and ask them to confirm up the chain that this is a legitimate request.
Last year, this site compiled 145 such incidents before I somewhat waved a white flag in terms of trying to keep up.  Let’s see how 2017 goes.  Here’s the list I’ve got so far, and it will be updated as I become aware of new incidents.  Steve Ragan of Salted Hash has indicated that he will keep track, so do check his space also.
  1. Dracut Schools
  2. Tipton County Schools 
  3. Odessa School District
  4. Campbell County Health 
  5. Marin Software
  6. UGI Utilities
  7. Sunrun
  8. Lexington School District Two (SC)
  9. Mercedes ISD (TX)
  10. eHealthInsurance (eHealth, Inc.)
  11. Kuhana Associates
  12. Point Coupee Hospital
  13. Morton School District (IL)
  14. Scotty’s Brewhouse (IN)
  15. Mitchell Gold + Bob Williams
  16. Persante
  17. TransPerfect 
  18. Davidson County Schools (NC)
  19. Belton Independent School District (TX)
  20. Argyle School District (TX)
  21. Renovate America (CA)

Everyone blames the Russians.  Probably because the Russians are hacking everyone.
The Labour Party’s parliamentary group suffered a hack in autumn that was carried out by Russians, TV2 reported.
The attack against Labour is being compared to the hack of the Democratic National Committee that American intelligence agencies said was carried out by Russia in an effort to influence the outcome of the US election.
According to TV2’s report, Labour’s parliamentary group was notified of the hack by the Norwegian Police Security Service (Politiets Sikkerhetstjeneste – PST).
Everyone tries to hack everyone to get intel.  [Some are better at avoiding detection,  Bob] 

(Related).  Of course, the Russians blame the Chinese.
Chinese Cyberspies Target Russia With New Malware
A China-linked cyber espionage group has been using new malware and new techniques in attacks aimed at military and aerospace organizations in Russia and Belarus.
In July 2016, security firm Proofpoint reported that the threat actor had been using NetTraveler (aka TravNet) and the PlugX RAT to target Russia and neighboring countries.

Update.  It didn’t take long to find these hackers.  They must not be Russian!
Peter Hermann reports:
Two people have been arrested in London in the hacking of storage devices that record data from D.C. police surveillance cameras, law enforcement authorities said Thursday.
The arrests were made in the south London neighborhood of Streatham and followed a search warrant that was served Jan. 19, the day before the presidential inauguration in the District.
Read more on Washington Post.
From the article:
D.C. officials said last week that the hack appeared to be an extortion effort that “was localized.”
   City officials revealed the hack last week and said ransomware had been left on the camera system between Jan. 12 and Jan. 15.

(Related).  Ransomware is becoming more common.  Government computer systems are too easily hacked. 
Officials in Licking County tell 10TV that ransom was demanded for an IT hack that impacted the county’s phone and computer systems.
A computer virus shut down more than a thousand computers inside the Licking County government center late Tuesday.
A county commissioner says that the virus demanded a payment in Bitcoin for the county to regain control of their systems.  Officials declined to specify the amount of money that was requested.
Read more on 10TV.

Next time the FBI need to break into a phone they can call my Ethical Hacking students. 
Hacker Dumps iOS Cracking Tools Allegedly Stolen from Cellebrite
In January, Motherboard reported that a hacker had stolen 900GB of data from mobile phone forensics company Cellebrite.  The data suggested that Cellebrite had sold its phone cracking technology to oppressive regimes such as Turkey, the United Arab Emirates, and Russia.
Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools.

For my Computer Security students.
Javelin 2017 Identity Fraud Study
by Sabrina I. Pacifici on Feb 2, 2017
“The 2017 Identity Fraud Study released today by Javelin Strategy & Research (@JavelinStrategy), revealed that the number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, a record high since Javelin Strategy & Research began tracking identity fraud in 2003.  The study found that despite the efforts of the industry, fraudsters successfully adapted to net two million more victims this year with the amount fraudsters took rising by nearly one billion dollars to $16 billion.  There was a resurgence in existing card fraud in 2016, which saw an increase of 40 percent in card-not-present (CNP) fraud.  The study also found that the increase in EMV cards and terminals was a catalyst for driving fraudsters to shift to fraudulently opening new accounts.  On a positive note, while fraudsters are becoming better at evading detection, consumers with an online presence are getting better at detecting fraud quicker, leading to less stolen overall per attempt.”

You don’t have to tell your computer what’s in a picture – it can tell you.
Facebook AI Lumos Can Find Your Photos Even Those You Are Not Tagged In
   the company announced that its artificial intelligence technology Lumos can now search for pictures not just based on dates, places, and tags.  Rather, the technology can also find specific photos just because it understands what's in them.

All tech companies want a vacuum-cleaner-like connection to your wallet.  This is Apple’s.
Apple is truly determined to disrupt banking with Apple Pay
Apple Pay is much more than a frictionless and secure payments service; Apple also thinks it will help accelerate the digital transformation of the banking industry.
   In recent court filings reported by the Sydney Morning Herald, the company explained how Apple Pay-driven disruption of the banking system may help customers:
  • By opening up the market to smaller lenders through the provision of an alternative to card payment systems.
  • Increased competition should force better rates.
  • Lenders should begin offering better promotional deals, such as air miles or cash back.

Perspective.  Imagine using your building lights to play Tetris, stream the news or advertise your company.
Now Cisco can even network your building systems
The Catalyst Digital Building Series Switch is an Ethernet switch designed to link different kinds of building infrastructure over a network.
   It uses Cisco’s enhanced version of PoE (Power over Ethernet) to run things like lights and cameras while collecting data about those devices over the same standard cable.
The switch embodies the merger of IT and OT (operational technology), one of the big enterprise trends that the internet of things is driving.
   Cisco’s new switches can power all the lights in a building by themselves.  Instead of being connected to the traditional AC power grid that feeds wall sockets, the lights will run off Ethernet cables from ports in the switch.
This wasn’t possible until LED lights became affordable for use in new buildings and renovations.
