23 min read

This Week's [in]Security - Issue 251

Picture of CG Blogger CG Blogger : Jan 23, 2022 7:59:00 AM

[in]security Anti-trust PHAC Log4shell Zoom 5G

Welcome to This Week’s [in]Security. PCI and payments: PCI updates: PAN Truncation Simplified, DSSv4 preview, Payments, Training & events. New breaches: Crypto.com, Lympo, Multichain, WordPress supply chain, healthcare, Red Cross. New Ransomware, Major outages, Follow-ups & Fall-out: Leak Analysis, Open Subtitles. Upstox, Desjardins, C-Planet. Privacy: Duck Duck Bang, Meta gets creepy, Police & social media, PHAC, AirTag stalking. Laws & Regs - Canada: vaccine mandates. US: Restraining Tech, Anti-trust, DeFi, EFF, Pennsylvania, Missouri. World: UK crypto-wars, EU, Australia vs Google, China, Japan, Crypto mining, Standards: IPv6 Security. Defense: Supply Chains, Open Source, IRS, Excel macros, Chrome, Microsoft, Vulnerabilities, Zerodays: Zoom. Olympic App fail, Other Vulnerabilities: CISA warnings, Zero-click, Bug Bounty Markets, Likelihood of attack, Hospital IoT, Log4Shell, Cisco, Linux WCP, ManageEngine, McAfee, zombie Jquery, Box 2FA bypass, Security Devices. Dark Souls, Patching: Smart patching, Oracle, SAP, Windows emergency fixes, Zoho. Crypto-research. Cybercrime: Trends: Nation States: Crime & Enforcement. Other Risks: FAA vs FCC on 5G, Doomsday Clock, Russia-Ukraine, Drones, Disinformation, Economy. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Learned; Compliance. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

PCI Updates:
- FAQ #1091 has been updated again and simplified https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/What-are-acceptable-formats-for-truncation-of-primary-account-numbers
- Our take on the great PCI DSS truncation reset (FAQ#1091) https://controlgap.com/blog/8-Digit-BINs-Great-PCI-Truncation-Reset
- PCI DSSv4 Preview available to Participating Organizations and QSA companies, we updated our article https://controlgap.com/blog/PCI-DSSv4-is-Coming
Other payment related:
- Merchant Payments Coalition Urges US Lawmakers to Consider Card Fees https://www.pymnts.com/credit-cards/2022/merchant-payments-coalition-urges-us-lawmakers-to-consider-card-fees/
- Mastercard Hit with £31.5M Fine for Running Pre-Paid Card Ring https://www.pymnts.com/mastercard/2022/mastercard-hit-with-31-5m-fine-for-running-pre-paid-card-ring/
- Around 30% of the bitcoin in circulation is worth less than what holders paid for it, Glassnode has found https://markets.businessinsider.com/news/currencies/bitcoin-crypto-investors-traders-market-supply-bulls-bears-blockchain-data-2022-1
- How Behavioral Analytics Can Prevent New Account Fraud https://www.pymnts.com/authentication/2022/how-behavioral-analytics-can-prevent-new-account-fraud/
Other educational events, webinars, courses:
- 2022 PCI Community Meetings (Toronto, Milan, and TBA) https://events.pcisecuritystandards.org/
- Security engineering course https://www.lightbluetouchpaper.org/2022/01/19/security-engineering-course/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Crypto.com:
- Crypto.com acknowledges 'unauthorized activity' on servers, maintains no funds have been lost https://www.theregister.com/2022/01/18/crypto_com_security_incident/
- 'Unauthorized Activity' Leads to Withdrawal Suspension on Crypto.com https://www.pymnts.com/news/security-and-risk/2022/unauthorized-activity-leads-to-withdrawal-suspension-on-crypto-com/
- Crypto.com CEO confirms hundreds of accounts were hacked, hedges on other details https://www.theverge.com/2022/1/19/22891949/crypto-ceo-confirms-hundreds-accounts-hacked-bloomberg-ethereum
- Crypto.com admits over $30 million stolen by hackers https://www.theverge.com/2022/1/20/22892958/crypto-com-exchange-hack-bitcoin-ethereum-security
- 2FA Bypassed in $34.6M Crypto.com Heist: What We Can Learn https://threatpost.com/2fa-bypassed-crypto-com-heist/177846/
Other New Breaches:
- Another Hack Faced By Lympo, Lost 165.2 Million LMT Tokens Worth $18.7 Million https://www.databreaches.net/another-hack-faced-by-lympo-lost-165-2-million-lmt-tokens-worth-18-7-million/
- Multichain token hack losses reach $3 million: report https://www.zdnet.com/article/multichain-token-hack-losses-reach-3-million-report
- Supply chain attack used legitimate WordPress add-ons to backdoor sites https://arstechnica.com/information-technology/2022/01/supply-chain-attack-used-legitimate-wordpress-add-ons-to-backdoor-sites/
- A white supremacist website got hacked, airing all its dirty laundry https://arstechnica.com/information-technology/2022/01/data-leak-from-neo-nazi-site-shows-members-conspiring-in-hate-crimes/
- A data breach that put 688,000 patients at risk just became … even worse https://www.databreaches.net/a-data-breach-that-put-688000-patients-at-risk-just-became-even-worse/
- Ca: Cyberattack at Arnprior Regional Health; data stolen https://www.databreaches.net/ca-cyberattack-at-arnprior-regional-health-data-stolen/
- Red Cross cyberattack exposes data of 515,000 people seeking missing family https://www.bleepingcomputer.com/news/security/red-cross-cyberattack-exposes-data-of-515-000-people-seeking-missing-family/
- Personal Information Compromised in Goodwill Website Hack https://www.securityweek.com/personal-information-compromised-goodwill-website-hack
- Sacramento County: Hundreds of personal records exposed in data breach https://www.databreaches.net/sacramento-county-hundreds-of-personal-records-exposed-in-data-breach/
- South Australian gov issues breach notice to hacked payroll provider https://www.databreaches.net/south-australian-gov-issues-breach-notice-to-hacked-payroll-provider/
New Ransomware and "Incidents":
- Moncler confirms ransomware attack and data breach https://www.databreaches.net/moncler-confirms-ransomware-attack-and-data-breach/
- Umbrella company Parasol Group confirms cyber attack as 'root cause' of prolonged network outage https://www.theregister.com/2022/01/17/umbrella_company_parasol_group_confirms/
- More contractor pain: Parasol's sister firms, SJD Accountancy and Nixon Williams, confirm cyberattack https://www.theregister.com/2022/01/18/sjd_accountancy_ransomware_attack/
- Valley Regional Transit target of ransomware attack, info may have been compromised https://www.databreaches.net/valley-regional-transit-target-of-ransomware-attack-info-may-have-been-compromised/
Major outages/downs:
- A lone undersea internet cable connected Tonga to the world - a volcanic eruption broke it https://www.theverge.com/22891031/tonga-volcano-eruption-broke-undersea-internet-cable-repair
- It's not just you: Telegram is down for many users https://www.bleepingcomputer.com/news/technology/its-not-just-you-telegram-is-down-for-many-users/
- Roku outage leads to frozen TVs and unresponsive devices https://www.theverge.com/2022/1/19/22892590/roku-service-outage-frozen-tv-streaming-sticks
Follow-ups and fall-out:
- A Trip to the Dark Site - Leak Sites Analyzed https://thehackernews.com/2022/01/a-trip-to-dark-site-leak-sites-analyzed.html
- Open Subtitles - 6,783,158 breached accounts https://haveibeenpwned.com/PwnedWebsites#OpenSubtitles
- Upstox - 111,002 breached accounts https://haveibeenpwned.com/PwnedWebsites#Upstox
- Data theft at Desjardins: the ex-employee wanted "no media coverage" https://www.databreaches.net/data-theft-at-desjardins-the-ex-employee-wanted-no-media-coverage/
- Mt: IT firm C-Planet fined €65,000 over massive voter data breach https://www.databreaches.net/mt-it-firm-c-planet-fined-e65000-over-massive-voter-data-breach/
- UK: Gloucester Council cyber attack linked to Russian hackers https://www.databreaches.net/uk-gloucester-council-cyber-attack-linked-to-russian-hackers/

Privacy

Articles about privacy related news, risks, and trends.

Great privacy trick, Duck-Duck-GO bangs https://duckduckgo.com/bang
Meta wants to track your eye movements and facial expressions as you roam the metaverse, patents suggest https://www.businessinsider.com/meta-metaverse-patents-track-eye-movement-facial-expressions-facebook-zuckerberg-2022-1
Police Social Media Spying Powers: 50 countries ranked on social media surveillance https://www.comparitech.com/blog/vpn-privacy/social-media-surveillance-by-police/
Conservative ethics critics demand answers on Public Health Agency of Canada (PHAC) location tracking https://globalnews.ca/video/8500659/conservative-ethics-critics-demand-answers-on-phac-location-tracking
'I was just really scared': Apple AirTags lead to stalking complaints https://www.theguardian.com/technology/2022/jan/20/apple-airtags-stalking-complaints-technology

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Canada:
- As unvaccinated workers sue for wrongful dismissal, Ottawa working on shielding employers https://globalnews.ca/news/8523534/covid-omicron-vaccine-mandate-lawsuit-employer-trudeau/
US:
- Democrats unveil bill to ban online 'surveillance advertising' https://www.theverge.com/2022/1/18/22889903/democrats-targeted-advertising-facebook-google-surveillance
- Will Congress Pass New Regulation on Big Tech? Time May Be Running Out. https://www.nytimes.com/2022/01/20/technology/big-tech-senate-bill.html
- Apple and Google Face Moment of Truth With Senate Hearing Over Antitrust Bills https://www.pymnts.com/antitrust/2022/apple-and-google-face-moment-of-truth-with-senate-hearing-over-antitrust-bills/
- Biden Broadens NSA Oversight of National Security Systems https://www.darkreading.com/vulnerabilities-threats/biden-broadens-nsa-oversight-of-national-security-systems
- Fed punts on the creation of a digital dollar in long-awaited report on central bank cryptocurrencies https://markets.businessinsider.com/news/currencies/federal-reserve-crypto-report-digital-dollar-central-bank-digital-currency-2022-1
- The dark side of DeFi: Why the SEC wants to level the playing field https://www.businessinsider.com/defi-crypto-has-become-playground-for-bad-actors-2022-1
- Copyright Shouldn't Stand in the Way of Your Right to Repair https://www.eff.org/deeplinks/2022/01/copyright-shouldnt-stand-way-your-right-repair
- In the Internet Age, Copyright Law Does Far More Than Antitrust to Shape Competition https://www.eff.org/deeplinks/2022/01/internet-age-copyright-law-does-far-more-antitrust-shape-competition
- It's Copyright Week 2022: Ten Years Later, How Has SOPA/PIPA Shaped Online Copyright Enforcement? https://www.eff.org/deeplinks/2022/01/its-copyright-week-2022-ten-years-later-how-has-sopapipa-shaped-online-copyright
- Welcome to the Public Domain, Winnie-the-Pooh https://www.eff.org/deeplinks/2022/01/welcome-public-domain-winnie-pooh
- PA Senate passes bills aimed at ransomware, data breaches https://www.databreaches.net/pa-senate-passes-bills-aimed-at-ransomware-data-breaches/
- The Governor Who Thinks Examining HTML Is Criminal Hacking Is Now Working To Make Missouri's Public Records Laws Worse https://www.databreaches.net/the-governor-who-thinks-examining-html-is-criminal-hacking-is-now-working-to-make-missouris-public-records-laws-worse/
- US sanctions former Ukrainian official for helping Russian cyberspies https://www.bleepingcomputer.com/news/security/us-sanctions-former-ukrainian-official-for-helping-russian-cyberspies/
- Intuit's TurboTax Still Being Probed by FTC Despite Limited Power https://www.pymnts.com/news/security-and-risk/2022/intuits-turbotax-still-being-probed-by-ftc-despite-limited-power/
- American Airlines, The Points Guy Sue Each Other Over Data Use https://www.pymnts.com/news/loyalty-and-rewards-news/2022/american-airlines-the-points-guy-sue-each-other-over-data-use/
World:
- UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure https://www.theregister.com/2022/01/20/uk_nis_regulations_msp_plans/
- NortonLifeLock and Avast tie-up falls under UK competition regulator's spotlight https://www.theregister.com/2022/01/20/nortonlocklife_avast_cma/
- UK Government to Launch PR Campaign Undermining End-to-End Encryption https://www.schneier.com/blog/archives/2022/01/uk-government-to-launch-pr-campaign-undermining-end-to-end-encryption.html
- Privacy is for paedophiles, UK government seems to be saying while spending £500k demonising online chat encryption https://www.theregister.com/2022/01/20/no_place_hide_campaign_anti_e2ee_ukgov/
- Government to launch anti-encryption ads to convince 'easily swayed people' into wanting weaker phone security https://www.independent.co.uk/tech/government-encryption-whatsapp-phone-security-b1994758.html
- End-to-end encryption protects children, says UK information watchdog https://www.theguardian.com/technology/2022/jan/21/end-to-end-encryption-protects-children-says-uk-information-watchdog
- EU Parliament Approves Digital Service Act, Holding Big Tech Accountable for Content https://www.pymnts.com/big-tech/2022/eu-parliament-approves-digital-service-act-holding-big-tech-accountable-for-content/
- EU Wants To Build Its Own DNS Infrastructure With Built-In Filtering Capabilities https://packetstormsecurity.com/news/view/33027/EU-Wants-To-Build-Its-Own-DNS-Infrastructure-With-Built-In-Filtering-Capabilities.html
- Google warns of 'devastating' impact if court ruling on defamatory hyperlinks not overturned https://www.theguardian.com/technology/2022/jan/24/google-warns-of-devastating-impact-if-court-ruling-on-defamatory-hyperlinks-not-overturned
- Returning travelers made to hand over phones and passcodes to Australian Border Force https://www.theguardian.com/world/2022/jan/18/returning-travellers-made-to-hand-over-phones-and-passcodes-to-australian-border-force
- China Unveils Stricter Big Tech Investment Rules https://www.pymnts.com/news/regulation/2022/china-unveils-stricter-big-tech-investment-rules/
- Japan's Supreme Court rules crypto-jacking scripts are not malware https://www.theregister.com/2022/01/21/japan_supreme_court_cryptojacking_not_malware/
- European Parliament approves initial proposal to ban some targeted ads https://www.theverge.com/2022/1/23/22897574/european-parliament-eu-digital-services-act-big-tech
- Russia's central bank is calling for a sweeping ban on crypto activity from mining to trading https://markets.businessinsider.com/news/currencies/russia-central-bank-crypto-ban-activity-mining-trading-bitcoin-2022-1
Standards News:
- CISA Releases Final IPv6 Security Guidance for Federal Agencies https://www.securityweek.com/cisa-releases-final-ipv6-security-guidance-federal-agencies

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Will 2022 Be the Year of the Software Bill of Materials? https://threatpost.com/2022-software-bill-of-materials/177736/
Reducing Security Risks in Open Source Software at Scale: Scorecards Launches V4 https://security.googleblog.com/2022/01/reducing-security-risks-in-open-source.html
IRS Will Soon Require Selfies for Online Access https://krebsonsecurity.com/2022/01/irs-will-soon-require-selfies-for-online-access/
Microsoft disables Excel 4.0 macros by default to block malware https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-excel-40-macros-by-default-to-block-malware/
Kaspersky Announces Takedown Service https://www.darkreading.com/attacks-breaches/kaspersky-announces-takedown-service
ARM rages against the insecure chip machine with new Morello architecture https://www.theregister.com/2022/01/21/arm_morello_testing/
Chrome Limits Websites' Direct Access to Private Networks for Security Reasons https://thehackernews.com/2022/01/chrome-limits-websites-access-to.html
Microsoft: Edge will mitigate 'unforeseen active' zero day bugs https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-will-mitigate-unforeseen-active-zero-day-bugs/
Don't Use Public Wi-Fi Without DNS Filtering https://thehackernews.com/2022/01/dont-use-public-wi-fi-without-dns.html
How to protect your PC from ransomware using Windows' built-in protection https://www.theverge.com/22889631/windows-10-11-ransomware-defense-security-how-to
Microsoft Edge Adds Security Mode to Thwart Malware Attacks https://www.securityweek.com/microsoft-edge-adds-security-mode-thwart-malware-attacks
Microsoft lists the Windows 10 group policies to avoid https://www.bleepingcomputer.com/news/microsoft/microsoft-lists-the-windows-10-group-policies-to-avoid/
Uncovering Windows Defender Real-time Protection History with DHParser https://www.sans.org/blog/uncovering-windows-defender-real-time-protection-history-with-dhparser
Build a stronger cybersecurity team through diversity and training https://www.microsoft.com/security/blog/2022/01/20/build-a-stronger-cybersecurity-team-through-diversity-and-training/
Online tool cracks down on child sexual abuse images https://globalnews.ca/news/8517340/online-tool-cracks-down-on-child-sexual-abuse-images/
ProtonMail introduces a new email tracker blocking system https://www.bleepingcomputer.com/news/security/protonmail-introduces-a-new-email-tracker-blocking-system/
UK, Australia, to build 'network of liberty that will deter cyber attacks before they happen' https://www.theregister.com/2022/01/21/uk_australia_cyber_and_critical_technology_partnership/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Zero-day news:
- Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers https://thehackernews.com/2022/01/google-details-two-zero-day-bugs.html
- Zoom vulnerabilities impact clients, MMR servers https://www.zdnet.com/article/zoom-vulnerabilities-impact-clients-mmr-servers
China's MY2002 Olympics App insecurity:
- China's Olympics App Is Horribly Insecure https://www.schneier.com/blog/archives/2022/01/chinas-olympics-app-is-horribly-insecure.html
- Citizen Lab report on Olympic MY2022 app vulnerabilities https://citizenlab.ca/2022/01/cross-country-exposure-analysis-my2022-olympics-app/
- Canadian Olympic athletes warned about Chinese cyber spies https://ottawacitizen.com/news/canada/canadian-olympic-athletes-warned-about-chinese-cyber-spies/wcm/93653cb0-9bef-4e00-bc1c-b2aa757105e8
- U.S. Olympians Told to Use 'Burner Phones' in China https://www.securityweek.com/us-olympians-told-use-burner-phones-china
Other Vulnerabilities:
- CISA adds 17 vulnerabilities to list of bugs exploited in attacks https://www.bleepingcomputer.com/news/security/cisa-adds-17-vulnerabilities-to-list-of-bugs-exploited-in-attacks/
- CISA urges US orgs to prepare for data-wiping cyberattacks https://www.bleepingcomputer.com/news/security/cisa-urges-us-orgs-to-prepare-for-data-wiping-cyberattacks/
- Zooming in on Zero-click Exploits https://googleprojectzero.blogspot.com/2022/01/zooming-in-on-zero-click-exploits.html
- An Examination of the Bug Bounty Marketplace https://www.schneier.com/blog/archives/2022/01/an-examination-of-the-bug-bounty-marketplace.html and paper at https://datasociety.net/wp-content/uploads/2022/01/BountyEverythingFinal01052022.pdf
- Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 97 Update https://www.securityweek.com/google-pays-out-over-100000-vulnerabilities-patched-chrome-97-update
- Cisco's Kenna Security Research Shows the Relative Likelihood of an Organization Being Exploited https://www.darkreading.com/attacks-breaches/cisco-s-kenna-security-research-shows-the-relative-likelihood-of-an-organization-being-exploited
- Half of internet-connected devices in hospitals are vulnerable to hacks, report finds https://www.theverge.com/2022/1/19/22891440/internet-connected-medical-devices-vulnerable
- One in 10 Assets Assessed Are Vulnerable to Log4Shell https://www.tenable.com/blog/one-in-10-assets-assessed-are-vulnerable-to-log4shell
- Cisco bug gives remote attackers root privileges via debug mode https://www.bleepingcomputer.com/news/security/cisco-bug-gives-remote-attackers-root-privileges-via-debug-mode/
- Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software https://thehackernews.com/2022/01/cisco-issues-patch-for-critical-rce.html
- Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks https://thehackernews.com/2022/01/critical-bugs-in-control-web-panel.html
- Critical ManageEngine Desktop Server Bug Opens Orgs to Malware https://threatpost.com/critical-manageengine-desktop-server-bug-malware/177705/
- McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges https://threatpost.com/mcafee-bug-windows-system-privileges/177857/
- Bug in WebKit's IndexedDB implementation makes Safari 15 leak Google account info... and more https://www.theregister.com/2022/01/17/safari_15_indexeddb_bug/
- Resurrected jQuery UI Library Haunts Websites, Enterprise Products https://www.securityweek.com/resurrected-jquery-ui-library-haunts-some-websites-enterprise-products
- Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts https://thehackernews.com/2022/01/researchers-bypass-sms-based-multi.html
- Vulnerability in IDEMIA Biometric Readers Allows Hackers to Unlock Doors https://www.securityweek.com/vulnerability-idemia-biometric-readers-allows-hackers-unlock-doors
- Security Scanning Devices Across Europe Tied to China Govt, Military https://www.securityweek.com/security-scanners-across-europe-tied-china-govt-military
- Dark Souls 3 exploit could let hackers take control of your entire computer https://www.theverge.com/2022/1/22/22896785/dark-souls-3-remote-execution-exploit-rce-exploit-online-hack
Patching:
- When Patching Security Flaws, Smarter Trumps Faster https://www.darkreading.com/vulnerabilities-threats/when-patching-security-flaws-smarter-trumps-faster
- Oracle's First Security Updates for 2022 Include 497 Patches https://www.securityweek.com/oracles-first-security-updates-2022-include-497-patches
- Critical SAP Vulnerability Allows Supply Chain Attacks https://www.securityweek.com/critical-sap-vulnerability-allows-supply-chain-attacks
- Microsoft releases OOB updates for January Windows update issues https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-updates-for-january-windows-update-issues/
- Microsoft starts force installing Windows 10 21H2 on more devices https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-force-installing-windows-10-21h2-on-more-devices/
- Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central https://thehackernews.com/2022/01/zoho-releases-patch-for-critical-flaw.html
Cryptography and Cryptographic Research:
- Lightweight Secure Integer Comparison, by Thijs Veugen https://eprint.iacr.org/2022/079

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Trends, Alerts, and Events (other than major breaches):
- 20K WordPress Sites Exposed by Insecure Plugin REST-API https://threatpost.com/wordpress-insecure-plugin-rest-api/177866/
- WordPress plugin flaw puts users of 20,000 sites at phishing risk https://www.bleepingcomputer.com/news/security/wordpress-plugin-flaw-puts-users-of-20-000-sites-at-phishing-risk/
- DoNot Hacking Team Targeting Government and Military Entities in South Asia https://thehackernews.com/2022/01/donot-hacking-team-targeting-government.html
- Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors https://thehackernews.com/2022/01/earth-lusca-hackers-aimed-at-high-value.html
- Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure https://thehackernews.com/2022/01/molerats-hackers-hiding-new-espionage.html
- New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets https://thehackernews.com/2022/01/new-bhunt-password-stealer-malware.html
- New MoonBounce UEFI malware used by APT41 in targeted attacks https://www.bleepingcomputer.com/news/security/new-moonbounce-uefi-malware-used-by-apt41-in-targeted-attacks/
- 'Anomalous' spyware stealing credentials in industrial firms https://www.bleepingcomputer.com/news/security/anomalous-spyware-stealing-credentials-in-industrial-firms/
- Spyware Blitzes Compromise, Cannibalize ICS Networks https://threatpost.com/spyware-blitzes-compromise-cannibalize-ics-networks/177851/
- Thousands of Industrial Firms Targeted in Attacks Leveraging Short-Lived Malware https://www.securityweek.com/thousands-industrial-firms-targeted-attacks-leveraging-short-lived-malware
- Spamhaus Botnet Threat Update: Q4-2021 https://packetstormsecurity.com/news/view/33026/Spamhaus-Botnet-Threat-Update-Q4-2021.html
- Log4Shell Attacks Getting "Smarter", (Mon, Jan 17th) https://isc.sans.edu/diary/rss/28246
- Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug https://threatpost.com/microsoft-log4j-attackssolarwinds-serv-u-bug/177824/
- New Ransomware Spotted: White Rabbit and Its Evasion Tactics https://www.trendmicro.com/en_us/research/22/a/new-ransomware-spotted-white-rabbit-and-its-evasion-tactics.html
- New White Rabbit ransomware linked to FIN8 hacking group https://www.bleepingcomputer.com/news/security/new-white-rabbit-ransomware-linked-to-fin8-hacking-group/
- Telegram is a hotspot for the sale of stolen financial accounts https://www.bleepingcomputer.com/news/security/telegram-is-a-hotspot-for-the-sale-of-stolen-financial-accounts/
Nation State Actors:
- Chinese APT Deploys MoonBounce Implant In UEFI Firmware https://packetstormsecurity.com/news/view/33025/Chinese-APT-Deploys-MoonBounce-Implant-In-UEFI-Firmware.html
Crime & Arrests, etc.:
- Scammers keep finding ways to drain gift cards https://toronto.ctvnews.ca/scammers-keep-finding-ways-to-drain-gift-cards-1.5746980
- Are Fake COVID Testing Sites Harvesting Data? https://www.schneier.com/blog/archives/2022/01/are-fake-covid-testing-sites-harvesting-data.html
- Hacker steals $200,000 through Multichain bug, offers to return 80% to victim https://www.databreaches.net/hacker-steals-200000-through-multichain-bug-offers-to-return-80-to-victim/
- NFT scammers made off with $1.3 million in solana after a 'rug pull' despite the project creators being vetted https://markets.businessinsider.com/news/currencies/nft-scam-solana-big-daddy-ape-club-rug-pull-civic-2022-1
- Europol shuts down VPN service used by ransomware groups https://www.bleepingcomputer.com/news/security/europol-shuts-down-vpn-service-used-by-ransomware-groups/
- Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang https://thehackernews.com/2022/01/interpol-busted-11-members-of-nigerian.html
- Mid-flight fake bomb plot ends in air piracy charge https://www.bbc.co.uk/news/world-us-canada-60077773
- Nigerian Authorities Arrest 11 Members of Prolific BEC Fraud Group https://www.securityweek.com/nigerian-authorities-arrest-11-members-prolific-bec-fraud-group
- 'Serial' romance fraudster jailed for trying to scam 670 people in the UK https://www.zdnet.com/article/romance-fraudster-jailed-for-trying-to-scam-670-people-in-the-uk

Other Security / Risk

Articles covering other types of risks.

US 5G Airline safety FAA vs FCC:
- Major U.S. airline heads warn 5G rollout could bring 'catastrophic' crisis https://globalnews.ca/news/8519103/airlines-warning-5g-catastrophic-aviation-crisis/
- How 5G Clashed With an Aviation Device Invented in the 1920s https://www.nytimes.com/2022/01/19/business/5g-radio-altimeters-airlines.html
- FCC report on 5G and aviation concluding there are risks requiring joint effort https://ecfsapi.fcc.gov/file/1008783828641/SC-239%205G%20Interference%20Assessment%20Report_274-20%20PMC-2073%20Submitted.pdf
- FAA page on the 5G issue complete with a timeline https://www.faa.gov/newsroom/faa-statements-5g
- The 5G Fiasco from a pilot's perspective https://www.thedrive.com/the-war-zone/43917/the-5g-fiasco-from-an-airline-pilots-point-of-view
- Canada eyeing 5G's impact on 'critical' aircraft tech amid U.S. warnings https://globalnews.ca/news/8521383/canada-5g-aviation-technology-impacts/
- FAA estimates 78 percent of US planes can now land at airports with 5G C-band https://www.theverge.com/2022/1/20/22893597/faa-5g-c-band-rollout-airports-cleared-altimeters-regional-jets
- FAA clears Boeing 777 and other planes after 5G warning halted some flights https://arstechnica.com/tech-policy/2022/01/faa-clears-62-of-us-planes-for-low-visibility-landings-amid-5g-rollout/
The Doomsday Clock Is About to Tick, And We've Never Been So Close to Midnight https://www.sciencealert.com/the-doomsday-clock-is-about-to-be-reset-and-we-re-not-optimistic-about-it-s-new-time
Russia-Ukraine:
- The Atlantic Daily: America Sounds the Alarm on Russia-Ukraine https://www.theatlantic.com/newsletters/archive/2022/01/russia-ukraine-white-house/621319/
- Russia denies U.S. allegations it's preparing pretext to invade Ukraine https://globalnews.ca/news/8516982/russia-denies-ukraine-invade-troops/
- Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say https://threatpost.com/destructive-wiper-ukraine/177768/
- Ukraine blames Belarus for PC-wiping 'ransomware' that has no recovery method and nukes target boxen https://www.theregister.com/2022/01/17/ukraine_pc_wiping_malware_belarus_accusations/
- NATO, Ukraine Sign Deal to 'Deepen' Cyber Cooperation https://www.securityweek.com/nato-ukraine-sign-deal-deepen-cyber-cooperation
- Russia is facing 'severe' sanctions for Ukraine threats. Here's what that could mean https://globalnews.ca/news/8526714/russia-ukraine-severe-sanctions/
Other:
- 5 Myths About Interning in Cybersecurity https://www.imperva.com/blog/5-myths-about-interning-in-cybersecurity/
- The 9 Biggest Cybersecurity Lies Told to CISOs https://www.sentinelone.com/blog/the-9-biggest-cybersecurity-lies-told-to-cisos/
- The Signal app creator is just one influential expert slamming crypto tech - and investors have taken notice https://markets.businessinsider.com/news/currencies/crypto-technology-critics-bitcoin-price-investors-signal-moxie-marlinspike-ubs-2022-1
- Microsoft leak: Third-party widgets coming soon to Windows 11 https://www.bleepingcomputer.com/news/microsoft/microsoft-leak-third-party-widgets-coming-soon-to-windows-11/
- Sweden's top spy agency is trying to figure out why 'large' drones keep flying over the country's nuclear power plants https://www.businessinsider.com/swedens-spy-agency-investigates-large-drones-3-over-nuclear-plants-2022-1
- You're not a fan of Microsoft's Pluton TPM chip? Lenovo won't switch it on by default https://www.theregister.com/2022/01/20/microsoft_amd_pluton_lenovo/
- Facebook's Unglamorous Mistakes https://www.nytimes.com/2022/01/19/technology/facebook-moderation-mistakes.html
- Meta might let companies sponsor the appearance of objects in the metaverse, patent filing suggests https://www.businessinsider.com/meta-patent-lets-companies-sponsor-metaverse-objects-report-2022-1
- McAfee's and FireEye rename themselves 'Trellix' https://www.theregister.com/2022/01/20/trellix_mcafee_fireye_logowatch/
- Airplane cabins are chock-full of secret cameras, but they're not used to spy on passengers. Here's what they're for and where to find them. https://www.businessinsider.com/why-airplanes-have-cameras-what-they-do-where-to-find-2022-1
Disinformation and misinformation:
- Preparing for the Next Cybersecurity Epidemic: Deepfakes https://www.darkreading.com/operations/preparing-for-the-next-cybersecurity-epidemic-deepfakes
- Should bad science be censored on social media? https://www.bbc.co.uk/news/technology-60036861
- Researchers use AI to analyze tweets debating vaccination and climate change https://scienmag.com/researchers-use-ai-to-analyze-tweets-debating-vaccination-and-climate-change/
- These states saw the most Americans quit their jobs in November as the hiring recovery sharply slowed https://www.businessinsider.com/map-states-most-quitting-labor-shortage-great-resignation-workforce-recovery-2022-1
Health, Safety & Environment:
- How to Identify Counterfeit N95 Masks https://www.mentalfloss.com/article/654520/how-identify-counterfeit-n95-masks
- Why You Should Never Quit Fruit During a Low-Carb Diet, According to Science https://www.sciencealert.com/even-if-you-re-trying-to-lower-your-sugar-intake-a-doctor-explains-why-you-should-keep-eating-fruit
- UK rates of nearsightedness have increased significantly over time https://scienmag.com/uk-rates-of-nearsightedness-have-increased-significantly-over-time/
- Pig Kidneys Transplanted to Human in Milestone Experiment https://www.scientificamerican.com/article/pig-kidneys-transplanted-to-human-in-milestone-experiment/
- 3D robotic spine 'twin' and sensor offer new way to preview surgical interventions https://scienmag.com/3d-robotic-spine-twin-and-sensor-offer-new-way-to-preview-surgical-interventions/
- Respiratory viruses that hijack immune mechanisms may have Achilles' heel https://scienmag.com/respiratory-viruses-that-hijack-immune-mechanisms-may-have-achilles-heel/
- TTUHSC scientist seeking solution to antibiotic resistance https://scienmag.com/ttuhsc-scientist-seeking-solution-to-antibiotic-resistance/
- Havana syndrome: Most cases not caused by foreign power - CIA https://www.bbc.co.uk/news/world-us-canada-60068483
- 'Havana Syndrome': Canada cautions diplomats about mysterious illness symptoms https://globalnews.ca/news/8532388/havana-syndrome-canada-diplomats/
- COVID Threatens to Bring a Wave of Hikikomori (isolation syndrom, mental health) to America https://www.scientificamerican.com/article/covid-threatens-to-bring-a-wave-of-hikikomori-to-america/
- Gene Variant May Have Helped Ancient Humans Survive Starvation https://www.scientificamerican.com/article/gene-variant-may-have-helped-ancient-humans-survive-starvation/
- A Tesla on autopilot killed two people in Gardena. Is the driver guilty of manslaughter? https://www.latimes.com/california/story/2022-01-19/a-tesla-on-autopilot-killed-two-people-in-gardena-is-the-driver-guilty-of-manslaughter
- Consumer Reports: GM, Ford are safest when it comes to automation https://www.axios.com/consumer-reports-gm-ford-are-safest-when-it-comes-to-automation-dc1d7419-429d-4851-9f2d-ce2f66fcf20c.html
- NASA Emergency Beacons Save Lives in 2021 https://scienmag.com/nasa-emergency-beacons-save-lives-in-2021/
- The Tonga Volcanic Eruption Was So Powerful It Sent Ripples Out Into Space https://www.sciencealert.com/the-tonga-volcanic-eruption-was-so-powerful-it-sent-ripples-out-into-space
- Tonga tsunami: Before and after eruption https://www.bbc.co.uk/news/world-australia-60039542
- Tonga Volcano Eruption Created Puzzling Ripples in Earth's Atmosphere https://www.scientificamerican.com/article/tonga-volcano-eruption-created-puzzling-ripples-in-earths-atmosphere/
- Why satellites are key to understanding Pacific volcano https://www.bbc.co.uk/news/science-environment-60019423
- Future trillion dollar 'space economy' threatened by debris, WVU researcher says https://scienmag.com/future-trillion-dollar-space-economy-threatened-by-debris-wvu-researcher-says/
- NASA upgrades its asteroid hazard software SENTRY II to account for impact of sunlight on orbits https://www.space.com/nasa-hazard-assessment-software-sunlight
- City of Toronto real time snowplow map https://www.toronto.ca/services-payments/streets-parking-transportation/road-maintenance/winter-maintenance/plowto/
- Drivers stuck along major Toronto-area highways as winter storm blasts southern Ontario https://globalnews.ca/news/8516392/toronto-highways-401-drivers-stuck-ontario-winter-storm-weather/
- These images show scale of snowstorm in Toronto and parts of Ontario https://www.ctvnews.ca/climate-and-environment/these-images-show-scale-of-snowstorm-in-toronto-and-parts-of-ontario-1.5742781
- Two people injured in 10-vehicle collision on Highway 400 between Barrie and Innisfil https://barrie.ctvnews.ca/two-people-injured-in-10-vehicle-collision-on-highway-400-between-barrie-and-innisfil-1.5751386
- France Becomes The First Country to Ban All Five Pesticides Linked to Bee Deaths https://returntonow.net/2019/01/24/france-becomes-the-first-country-to-ban-all-five-pesticides-linked-to-bee-deaths/
- Climate crisis drives Mediterranean coral populations to collapse https://scienmag.com/climate-crisis-drives-mediterranean-coral-populations-to-collapse/
- We Have Breached The Safe Planetary Limit For Synthetic Chemicals, Scientists Warn https://www.sciencealert.com/synthetic-chemicals-aren-t-just-pushing-earth-s-boundary-they-ve-crossed-it
- Plastic crisis needs binding treaty, report says https://www.bbc.co.uk/news/science-environment-60026748
- Scientists want Ottawa to scrap carbon capture tax credit https://www.cbc.ca/news/science/carbon-capture-tax-credit-1.6321458
- Watch an Orca Pod Free a Humpback Whale From a Coil of Rope, Possibly Saving Its Life https://www.sciencealert.com/a-pod-of-orcas-freed-a-humpback-whale-from-a-coil-of-rope-possibly-saving-its-life

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

The spread, curves, spikes, waves, reinfection, and variant strains:
- Will Omicron Leave Most of Us Immune? https://www.theatlantic.com/health/archive/2022/01/omicron-wave-immunity/621324/
- Omicron wave may have peaked, but ICU numbers still rising steeply, says Tam https://www.ctvnews.ca/health/coronavirus/omicron-wave-may-have-peaked-but-icu-numbers-still-rising-steeply-says-tam-1.5749477
- People Are Hiding That Their Unvaccinated Loved Ones Died of COVID https://www.theatlantic.com/family/archive/2022/01/unvaccinated-covid-deaths-secret-grief/621269/
- In Sewage, Clues to Omicron's Surge https://www.nytimes.com/2022/01/19/health/coronavirus-omicron-wastewater.html
- Toronto launches pilot project to collect COVID-19 data from wastewater https://globalnews.ca/news/8524733/toronto-pilot-project-covid-19-data-wastewater/
- 67% of Canadians believe fully-vaccinated population still won't stop Omicron's spread: Ipsos poll https://globalnews.ca/news/8528764/canadians-covid-vaccines-boosters-opinion-survey-january-omicron/
- COVID protocols slack in Toronto real estate showings, tenant says https://globalnews.ca/news/8523700/covid-protocols-toronto-real-estate-showings-tenant/
- Australia reports deadliest day of COVID-19 pandemic as hospitalizations break record https://globalnews.ca/news/8518832/australia-covid-omicron-deaths/
- Reality check: Could mail from Canada to China spread Omicron? https://globalnews.ca/news/8518482/china-canada-mail-omicron-covid/
- Czech folk singer dies after intentionally catching COVID-19 https://globalnews.ca/news/8524409/hana-horka-czech-singer-covid-death/
Guidance, Response, and Recovery:
- COVID-19 health messaging: triumph or train-wreck? Experts reflect on past 2 years https://globalnews.ca/news/8511592/covid-19-health-messaging-triumph-train-wreck/
- Coronavirus: Austrian parliament approves mandatory vaccination order https://www.bbc.co.uk/news/world-europe-60077767
- N.S. first province to recommend both nose and throat swabs for COVID-19 rapid tests https://globalnews.ca/news/8529173/n-s-first-province-to-recommend-both-nose-and-throat-swabs-for-covid-19-rapid-tests/
- Gyms, bars closed indefinitely ahead of B.C. health officials' Tuesday COVID update https://globalnews.ca/news/8517872/bc-covid-update-tuesday-restrictions/
Treatments, Testing, Triage, Trials, and things we Learned:
- Ontario to receive 10,000 courses of Pfizer's Paxlovid COVID-19 pill in January https://globalnews.ca/news/8517556/ontario-paxlovid-covid-pill/
- 'Superpower' nano bubbles could treat, prevent current and future strains of SARS-CoV-2 https://scienmag.com/superpower-nano-bubbles-could-treat-prevent-current-and-future-strains-of-sars-cov-2/
- Doctors planned to take a covid patient off a ventilator. With 48 hours' notice, his wife got a judge to stop them. https://www.washingtonpost.com/nation/2022/01/19/minnesota-wife-lawsuit-hospital-husband-covid/
Immunity and Vaccinations:
- Booster jab gives 90% Covid protection, study says https://www.bbc.co.uk/news/world-us-canada-60091898
- Free to the world, a new COVID vaccine could help immunize low-income countries https://globalnews.ca/news/8506238/covid-vaccine-low-income-countries-corbevax/
- Those who had COVID-19 and are vaccinated have best protection, study finds https://globalnews.ca/news/8525633/covid-19-prior-infection-study/
- Vaccine used in much of the world no match for Omicron variant https://scienmag.com/vaccine-used-in-much-of-the-world-no-match-for-omicron-variant/
- One chart shows how well vaccines and boosters protect against severe Omicron compared to Delta https://www.businessinsider.com/how-well-do-boosters-vaccines-protect-omicron-chart-2022-1
- Striking new data shows vaccines have protected New Yorkers very well against Omicron so far https://www.businessinsider.com/charts-vaccines-protected-new-yorkers-from-omicron-variant-2022-1
- Vaccination may lower risk of 'long COVID' studies say - but experts aren't so sure https://globalnews.ca/news/8525074/long-covid-vaccine-protection/
- Things we learned:
- UBC scientists unveil world's first molecular-level analysis of Omicron spike protein https://scienmag.com/ubc-scientists-unveil-worlds-first-molecular-level-analysis-of-omicron-spike-protein/
- Researchers simulate SARS-COV-2 transmission and infection on airline flights https://scienmag.com/researchers-simulate-sars-cov-2-transmission-and-infection-on-airline-flights/
- Machine learning model uses blood tests to predict COVID-19 survival https://scienmag.com/machine-learning-model-uses-blood-tests-to-predict-covid-19-survival/
- Fact-Checking, COVID-19 Misinformation, and the British Medical Journal https://www.eff.org/deeplinks/2022/01/fact-checking-covid-19-misinformation-and-british-medical-journal
Compliance:
- The Silent, Vaccinated, Impatient Majority https://www.theatlantic.com/international/archive/2022/01/politicians-against-unvaccinated-djokovic/621242/
- 40 Ontario physicians currently being investigated for COVID-19 issues: College https://globalnews.ca/news/8524589/ontario-physicians-investigation-covid-19/
- Doctors undermining COVID-19 fight need regulation, not 'meaningless' statements: experts https://globalnews.ca/news/8527127/doctors-covid19-christine-elliott/
- A passenger who refused to wear her mask forced a London-bound American Airlines flight to return to Miami https://www.businessinsider.com/woman-refused-wear-mask-caused-london-flight-turn-back-miami-2022-1
- Anti-vax protests: 'Sovereign citizens' fight UK Covid vaccine rollout https://www.bbc.co.uk/news/59870550

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Innovations & Inventions:
- A new flexible thermoelectric device can wrap around pipes and other hot surfaces and convert wasted heat into electricity. https://scienmag.com/a-new-flexible-thermoelectric-device-can-wrap-around-pipes-and-other-hot-surfaces-and-convert-wasted-heat-into-electricity/
- Development of a lithium-air battery with an energy density over 500 wh/kg https://scienmag.com/development-of-a-lithium-air-battery-with-an-energy-density-over-500-wh-kg/
- Europe's first quantum computer with more than 5,000 qubits launched at Jülich https://scienmag.com/europes-first-quantum-computer-with-more-than-5000-qubits-launched-at-julich/
- A new approach to a $1 million mathematical enigma the Riemann zeta function https://scienmag.com/a-new-approach-to-a-1-million-mathematical-enigma/
- Explainable AI method uses records from 77 million U.S. health visits to generate "multimorbidity networks" to explore cardiovascular disease https://scienmag.com/explainable-ai-method-uses-records-from-77-million-u-s-health-visits-to-generate-multimorbidity-networks-to-explore-cardiovascular-disease/
- Using ice to boil water: Researcher makes heat transfer discovery that expands on 18th century principle https://scienmag.com/using-ice-to-boil-water-researcher-makes-heat-transfer-discovery-that-expands-on-18th-century-principle/
Other:
- No takers on quiz show question on Prince Edward Island https://globalnews.ca/news/8526032/jeopardy-pei-question/
- The 25 Greatest Horror Comedies of All Time https://www.mentalfloss.com/article/652363/best-horror-comedy-movies
- Sit Back and Enjoy 2 Glorious Hours of Seinfeld Bloopers https://www.mentalfloss.com/article/654272/watch-seinfeld-bloopers-2-hours-supercut
- New breakfast cereals from AI https://www.aiweirdness.com/new-breakfast-cereals-from-ai/
- SpaceX Satellites Have Invaded Astronomers' Views of The Sky, And It's Getting Worse https://www.sciencealert.com/study-shows-that-satellites-are-already-interrupting-20-of-twilight-observations
- Remember When Life was Found in a Martian Meteorite? Turns out, it was Just Geology https://www.universetoday.com/154084/remember-when-life-was-found-in-a-martian-meteorite-turns-out-it-was-just-geology/
- The Moon That Resembles The Death Star Has Been Hiding Another Epic Secret https://www.sciencealert.com/evidence-for-a-liquid-ocean-has-been-uncovered-in-saturn-s-death-star-moon
- If Launched by 2028, a Spacecraft Could Catch up With Oumuamua in 26 Years https://www.universetoday.com/154028/if-launched-by-2028-a-spacecraft-could-catch-up-with-oumuamua-in-26-years/
- A Moon Might Have Been Found Orbiting an Exoplanet https://www.universetoday.com/154027/a-moon-might-have-been-found-orbiting-an-exoplanet/
- A Star Passed too Close and Tore Out a Chunk of a Protoplanetary Disk https://www.universetoday.com/154056/a-star-passed-too-close-and-tore-out-a-chunk-of-a-protoplanetary-disk/
- Astronomers Have Identified a New Kind of Supernova We Never Knew Existed https://www.sciencealert.com/astronomers-have-identified-a-new-kind-of-supernova-in-stars-thought-to-have-quiet-deaths
- A New Study Calculates The Number of Black Holes in The Universe. It's a Lot https://www.sciencealert.com/new-study-calculates-the-number-of-black-holes-in-the-universe-it-s-a-lot
- What Is Spacetime Really Made Of? https://www.scientificamerican.com/article/what-is-spacetime-really-made-of/

This Week's [in]Security - Issue 249

CG Blogger : Jan 9, 2022 7:59:00 AM

Welcome to This Week’s [in]Security. Skimmers, Training, Payments. Big-Hacks: Log4shell, EOL impediments, prevention, Log4-like vulns. New...

7 min read

This Week’s [in]Security – Issue 70

CG Blogger : Jul 30, 2018 10:07:00 PM

Welcome to This Week’s [in]Security. We’ve collected and grouped together a selection of this week’s news, opinions, and research. Quickly skim...

[in]security NIST GDPR

1 min read

This Week's [in]Security - Issue 254

CG Blogger : Feb 13, 2022 7:59:00 AM

Welcome to This Week’s [in]Security. PCI and payments: PCI updates, Skimmers, Carders, Payments, Training & events. New breaches, New Ransomware:...

[in]security Bill C11 CIA Bill S-210

This Week's [in]Security - Issue 251

This Week's [in]Security - Issue 249

This Week’s [in]Security – Issue 70

This Week's [in]Security - Issue 254

Services

About Us

Knowledge Base

Contact