All Articles (2242)

ONUS, the Vietnamese crypto trading platform, recently experienced an attack stemming from the Log4j vulnerability (CVE-2021-44228).[1] ONUS allows users to trade crypto currencies through their app which is available for iOS and Android. The organization has grown significantly in the past 18 months since the app’s launch in March of 2020, with a large portion of users in Vietnam, Nigeria, and the Philippines.[2]

Financial organizations and crypto platforms in particular are juicy targets for a

Considering the sensitive information it holds, it is no wonder that the financial services industry continues to be one of the most targeted critical infrastructure sectors by current cyber-criminals.  Recent societal and technological changes during 2021 have made matters worse.

The ongoing COVID-19 pandemic has created a ripe target field for cyberthreats as industries and individuals alike became vulnerable as they wrestled with remote working practices, mass digital disruption, and widening

A supply-chain campaign infecting Sotheby’s real-estate websites with data-stealing skimmers was recently observed being distributed via a Brightcove cloud-video platform instance:  https://www.brightcove.com   According to Palo Alto Networks’ Unit 42 division, researchers noticed that most of the activity affected real-estate-related sites.  At least 100 of them were successfully infected.

A full list of affected websites can be found here:
https://github.com/pan-unit42/iocs/blob/master/Skimmer

Mailing Malware.  You just can’t make this up, but the oldest cyber threat tactic is back again.   A cybercrime group has been mailing out USB thumb drives in the hope that recipients will plug them into their PCs and install ransomware on their networks, according to the FBI.  The USB drives contain so-called 'BadUSB' attacks.  They were sent in the mail through the US Postal Service and United Parcel Service.  One type contained a message impersonating the US Department of Health and Human Ser

Activity Summary - Week Ending on 7 January 2022:

  • Red Sky Alliance identified 25,112 connections from new IPs checking in with our Sinkholes
  • 227.12[.]174 x 182
  • Analysts identified 1,148 new IP addresses participating in various Botnets
  • (5) Ransomware Attack Techniques
  • CVE-2021-42278 and CVE-2021-42287
  • Lapsus$
  • Omicron Scams
  • ONUS Attacked by a Log4j Version
  • Insider Threats
  • Walmart, Part II
  • Sunrise Movement

Link to full report: IR-22-007-001_weekly007.pdf

Our friends at the National Defense Transportation Association (NDTA) shared a PowerPoint from the BIO-ISAC that explains recent cyber-attacks on Bio-Manufacturing research and development companies.  A serious APT attack has been identified in the biomanufacturing sector that has been found within a pharmaceutical company that is involved in COVID-19 therapeutics, as well as another pharmaceutical company.

The APT is named Tardigrade and was publicly announced on 22 November 2021.  As with any

Cyber security investigators have reported that replicable attacks and a low barrier to entry will ensure the rate of supply chain attacks increases in 2022.  The supply chain is a consistent attack vector for threat actors today. By compromising a centralized service, platform, or software, attackers can then either conduct widespread infiltration of the customers and clients of the original singular victim or may choose to cherry-pick from the most valuable potential targets.  This can save cy

US Department of Agriculture (USDA) analysts have reported that China, with less than 20% of the world's population, has managed to stockpile more than half of the globe's corn and other grains, leading to steep price increases across the planet and dropping more countries into famine.  COFCO Group, a major Chinese state-owned food processor, runs one of China's largest food stockpiling bases, at the port of Dalian, in the northeastern part of the country.  It stores beans and grains gathered fr

When Facebook changed its name to “Meta Platforms” in October 2021,[1] the word ‘metaverse’ moved from the domain of techno geeks to the mainstream.  There is no single definition of the metaverse, which is a portmanteau word combining ‘meta’ meaning ‘beyond/after’ in Greek, and ‘universe’.  It is a hypothesized iteration of the internet.  The most common description of the metaverse is a virtual-reality space or an alternative economy or world in which users can interact with other users within

A humanoid robot called “Jia Jia” was created by a team of engineers from the University of Science and Technology of China and was presented at a conference in Shanghai at the beginning of 2017.  Jia Jia can hold a simple conversation and make specific facial expressions when asked, and her creator believes the eerily lifelike robot heralds a future of cyborg labor in China. This was five years ago and was billed as China’s first human-like robot.  2022 - The Brave New World is in full force.

Ji

The year 2021 was fraught with numerous cyber attacks, and ransomware led the list.  Here is a look back at the biggest cyber incidents of 2021.  Over the past couple of years, it has become hard to ignore that the digital life we all live in is completely exposed to cybercriminals. Hackers are happy to take almost any opportunity to make money or have fun, from creating free gym memberships for their entire family to hacking into the energy systems of different countries.  Even though the ye

Tens of thousands of devices around the world, including many industrial control systems (ICS) and government computers, have been targeted in what appears to be an espionage campaign that involves a new piece of malware now named PseudoManuscrypt, Kaspersky recently reported. Manuscrypt, aka NukeSped, is a family of malware tools that have been used in espionage campaigns in the past. One such was a February spear-phishing campaign linked to Lazarus, a prolific North Korean APT, that used the Man

A US Republican senator will soon introduce a bill that, for the first time, attempts to regulate the cryptocurrency space. The bill would reportedly add investor protections, rein in Stablecoins,[1] which are pegged to a stated currency, and create a self-regulatory body under the jurisdiction of the US Securities and Exchange Commission and its sister agency, the Commodity Futures Trading Commission.

The proposal stems from a Wyoming senator who is a longtime crypto-evangelist and one of two U

Activity Summary - Week Ending on 30 December 2021:

  • Red Sky Alliance identified 18,056 connections from new IPs checking in with our Sinkholes
  • 77-88-9-11.spider.yandex.com
  • Analysts identified 4,095 new IP addresses participating in various Botnets
  • Chaos in Japan
  • SonicWall
  • An Albania Hit, Again
  • Five Eyes on Log4j
  • Chinese Propaganda in Full Force
  • Ireland is getting Serious
  • Healthcare at Risk, Still
  • Free Peltier

Link to full report: IR-21-364-001_weekly364.pdf

With apologies to the interesting Discovery Channel series “MythBusters,” here are some cyber security myths that need to be retired.  With the growing awareness about cybersecurity, many myths of cyber security are still prevalent. These misconceptions can be a barrier to effective security.  The first step to ensure the security of your business is to separate the false information, myths, and rumors from the truth.[1]

Myth #1: Instituting excessive cyber security diminishes productivity.

The

With Bitcoin recently surpassing $50,000.00, crime involving that e-currency is getting really expensive.  Recently, more than $154 million in funds stolen from Sony Group Corp., based in Tokyo, Japan, was recovered after an insider allegedly embezzled money and converted it to Bitcoin.  This was reported by the US Department of Justice.  The US government has filed a civil action lawsuit in federal court to return the funds to Sony.  Following an investigation by the FBI, authorities allege that Rei

Synthetic ID fraud or SIF has grown in popularity among bad actors over the years, with US companies reporting losses of $20 billion in 2021 compared to $6 billion in 2016. Cybersecurity and fraud experts discuss why this type of fraud has gained traction, how fraudsters use it, mitigation steps, and what we can expect in 2022.   SIF-deploying threat actors use automation and artificial intelligence to evade traditional identity verification solutions, according to synthetic identity fraud solut

Addictive “brain hijacking” methods used by social media giants to keep users on their platforms have harmful effects, particularly on children, according to an industry insider who says the companies may be violating child protection laws and consumer protection laws by employing such techniques.  This researcher, who has over 35 years of experience in the tech and telecom industry, recently testified before Congress, speaking to members about some of the deceptive practices used by social medi

Wall Street, especially the insurance markets, is very concerned about the cyber security risks that state and local governments are facing, including a cascade of ransomware attacks targeting a public sector which is still struggling with how to manage more and more on-line services during the never-ending COVID-19 pandemic.

“The landscape is changing quite rapidly right now, from the cybersecurity insurance and the threat landscape side, which leaves local governments in the middle dealing wi

Since the beginning of COVID-19, now well over a year, some company managers thought that people would come flocking back to the office once generous unemployment benefits ended.  Instead, after Republican states cut the $300-a-week Federal benefit and other benefits expired, there has been no rush to return to the workforce.  There are many reasons for this.  People do not want to catch COVID-19 and new variants; people are sick of their bad jobs; early retirement; and the one I care about toda