Cybersecurity News of the Week, January 5, 2025

This week's essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate. Now includes Weekend Patch Report.


Stan's Corner

Welcome to 2025. Last week, we focused on the growing cybersecurity threats to smaller businesses and nonprofits—organizations that often lack the knowledge and resources they need to protect themselves effectively.

Today, I want to emphasize that each and every one of us has a role to play in safeguarding these vital pillars of our community.

From IT service providers and information security professionals to attorneys, insurance brokers, bankers, and consultants, it truly takes a village to secure the village. Why?

Because cybersecurity isn’t just a technology issue—it’s a community issue.

Our smaller businesses and nonprofits need more than software; they need guidance on legal compliance, insurance protection, financial safeguards, and strategic planning.

They need all of us speaking as one voice to our clients and customers about cyber-risk and the need to implement reasonable security practices. That’s where all of us come in.

And that’s why I encourage you to join us January 30 for SecureTheVillage’s 5th Annual Reasonable Security Summit, co-produced with the Center for Internet Security. Whether you attend in person at Westdrift Manhattan Beach or online, you’ll learn firsthand how “reasonable security” translates into real-world strategies that protect operations, finances, and reputations.

We’ll tackle tough questions like: What would it take to achieve a tipping point in which a critical mass of business owners and MSPs commit fully to reasonable security practices?

You’ll hear from top experts and thought leaders, including:

  • Tony Sager — Senior Vice President & Chief Evangelist, Center for Internet Security
  • Bill Leider — Managing Partner, Axies Group and SecureTheVillage Board Strategy Advisor

They’ll guide us in understanding the emerging legal and regulatory environment, the critical role of leadership in cybersecurity, and concrete steps every stakeholder can take to protect smaller organizations.

If you care about cybersecurity—here in Los Angeles or anywhere else—this is the event you can’t afford to miss. Please learn more about the 5th Annual Reasonable Security Summit and register today. Let’s come together to ensure our smaller businesses and nonprofits remain strong and resilient.

I look forward to seeing you on January 30. Until then, remember: It takes a village to secure the village. Let’s keep working together toward a safer future for us all.

From SecureTheVillage

Register now!

Upcoming Events

  • A Reasonable Approach to Reasonable Security. January 30, 2025. SecureTheVillage's 5th Annual Reasonable Security Summit. In collaboration with the Center for Internet Security (CIS). Keynote Speakers: Tony Sager, CIS Chief Evangelist. Bill Leider, Axies Group. Westdrift Hotel, Manhattan Beach and live-streamed. Register now. Sponsorships available.

Needed Now

SecureTheVillage FREE Newsletters. Sign up or share with a friend!


SecureTheVillage Guides for families and individuals


Please Support SecureTheVillage: We need your help if we're to build a world of CyberGuardians. Please donate to SecureTheVillage.


Cybersecurity Nonprofit of the Week

Kudos this week to the CyberPeace Institute, an independent and neutral nongovernmental organization whose mission is to ensure the rights of people to security, dignity and equity in cyberspace. The CyberPeace Institute is home to the Humanitarian Cybersecurity Center (HCC). The HCC provides expert support and practical free cyber assistance to non-governmental organizations (NGOs), tailored to their needs and located anywhere in the world. Through its Cyber Attacks in Times of Conflict Platform #Ukraine, the CyberPeace Institute is tracking cyberattacks and operations targeting critical infrastructure and civilian objects in Ukraine. The CyberPeace Institute is a member of Nonprofit Cyber, a coalition of implementation-focused cybersecurity nonprofits including SecureTheVillage.

Learn more about sponsorship opportunities with SecureTheVillage: Contact us.

Section 2: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.

Another sad loss from a cyber-scam. Made all the worse because there are taxes to be paid.

  • This DC senior was tricked into draining her 401(k) — now she’s on the hook for $180K in taxes after Congress stalled relief bills to help fraud victims: Judith Boivin was a little distracted when she received the second call in two days from the “Rockville Police Department.” She figured it must be important. … The 80-year-old retired therapist was taken aback to hear her Social Security number had been flagged in a crime. She was told she needed to clear things up or she’d be facing charges. … As she told the Washington Post, Boivin was told a drug cartel had used her Social Security number to set up multiple bank accounts. She was asked if she’d be willing to be an asset for the FBI and she readily agreed to assist however she could. … Boivin believed she was working with an FBI agent named Wayne A. Jacobs — a real-life investigator — to pursue the drug cartel, but in reality, she was being fed lies and manipulated into emptying her 401(k) by scammers. Over the course of months in 2023, the scammer had her cash out over $595,000 from her retirement account. … But not only did Boivin lose her life savings to a government imposter scam — an increasingly common type of fraud — she’s now on the hook for a six-figure bill for the tax agency after cashing out her 401(k). There may be little she can do regarding the former as the fraud apparently traces to a call center based in India.


If you use Chrome, make sure you're not using any of these browser extensions. And it's a good reminder to be cautious in what extensions you run.

  • Over 600,000 Chrome users at risk after 16 browser extensions compromised by hackers — what you need to know: In the same way that malicious apps can end up on your phone, your browser and by extension, your computer can be infected after installing a risky extension in Chrome. Likewise, even legitimate extensions can turn malicious when tampered with by hackers. … As reported by The Hacker News, a dangerous new campaign targeting browser extensions has been spotted online. So far, at least 16 extensions have been compromised, with over 600,000 Chrome users now at risk of exposing their browsing data and account credentials online. … Here’s everything you need to know about this new campaign, including a full list of all the compromised extensions so far, along with some tips and tricks on protecting yourself from falling victim to these now malicious Chrome extensions.


Section 3: Cybersecurity and Privacy News for the Cyber-Concerned.

China dominates national security news this week. An in-depth story from The Wall Street Journal. And the hack of the U.S. Treasury as reported in The New York Times.

  • How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons: Massive ‘Typhoon’ cyberattacks on U.S. infrastructure and telecoms sought to lay groundwork for potential conflict with Beijing, as intruders gathered data and got in position to impede response and sow chaos. … The message from President Biden’s national security adviser was startling. … Chinese hackers had gained the ability to shut down dozens of U.S. ports, power grids and other infrastructure targets at will, Jake Sullivan told telecommunications and technology executives at a secret meeting at the White House in the fall of 2023, according to people familiar with it. The attack could threaten lives, and the government needed the companies’ help to root out the intruders. … What no one at the briefing knew, including Sullivan: China’s hackers were already working their way deep inside U.S. telecom networks, too. … The two massive hacking operations have upended the West’s understanding of what Beijing wants, while revealing the astonishing skill level and stealth of its keyboard warriors—once seen as the cyber equivalent of noisy, drunken burglars. … China’s hackers were once thought to be interested chiefly in business secrets and huge sets of private consumer data. But the latest hacks make clear they are now soldiers on the front lines of potential geopolitical conflict between the U.S. and China, in which cyberwarfare tools are expected to be powerful weapons.
  • China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says: The episode comes at a particularly sensitive moment, just as the Biden White House is dealing with one of the most far-reaching, and damaging, hacks into American infrastructure in the cyberage. … One of China’s intelligence agencies hacked the U.S. Treasury Department, gaining access to the workstations of government employees and unclassified documents, the Biden administration said on Monday, the latest in a series of embarrassing surveillance operations against major American institutions. … It was unclear from the Treasury’s limited first account of the episode exactly what the hackers were seeking. But senior officials with access to the intelligence on the breach said that it appeared to be entirely an espionage operation and not part of other Chinese efforts to insert malicious computer code into utility grids and water supply systems, giving them a capability to shut off critical American infrastructure. … The Treasury Department said it had worked with the F.B.I., the intelligence community and other investigators to determine the impact of the breach


And as if you could chase lions away with water pistols, the U.S. Treasury Department has imposed sanctions on a Chinese company involved in cyber attacks. Necessary but nowhere near sufficient.


Not to be left out, Russia and Iran were in the news as the U.S. Treasury Department imposed sanctions on each.


Big changes are in store for healthcare security if the Trump Administration maintains them.

  • New HIPAA Cybersecurity Rules Pull No Punches: Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it. … An unmitigated revamp of healthcare cybersecurity is coming in 2025, and experts warn that the compliance burden for organizations will be steep. … From 2018 to 2023, HHS reported, large-scale healthcare breaches rose 102%, and the individuals affected rose 1,002%, primarily thanks to ransomware. 2023 set a new record, with more than 167 million individuals affected. … Last week, the US Department of Health and Human Services (HHS), via its Office for Civil Rights (OCR), proposed a long-awaited update to the Security Rule. The 400-page working draft is as serious as its length would suggest, with extensive new requirements for providers, plans, clearinghouses, and their business associates. And while the requirements are all standard best practices, experts point out that this new update is more significant and less flexible than any previous version of HIPAA has been.
  • New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits: The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. … The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to bolster the cybersecurity of critical infrastructure, the OCR said. … The rule is designed to strengthen protections for electronic protected health information (ePHI) by updating the HIPAA Security Rule's standards to "better address ever-increasing cybersecurity threats to the healthcare sector."


A start. But nowhere near what we need to protect our private information.

  • Biden administration finalizes rule to block sale of Americans’ bulk data to adversaries: Companies will no longer be able to sell sensitive data about Americans to countries such as Russia, China and Iran under regulations set to take effect in early 2025. … The rule, proposed under an executive order in late February and finalized Friday, is intended to address the “urgent and extraordinary national security threat” created by U.S. adversaries acquiring personal data that can be used for espionage, blackmail, influence campaigns and other malicious activities, the Department of Justice said. … “This powerful new national-security program is designed to ensure that Americans' personal data is no longer permitted to be sold to hostile foreign powers, whether through outright purchase or other means of commercial access,” said Matthew Olsen, assistant attorney general for national security, in a news release. … The regulations focus on genomic, biometric, health, geolocation and financial data, as well as U.S. governmental data. They’re primarily aimed at data brokers who collect and package information about Americans for sale to anyone who wants to buy it.


This week in cybercrime, including a look back at 2024. Things are getting worse. I keep asking myself what will it take before we implement a top-to-bottom - get everyone involved - response. What's going to be our Pearl Harbor?

  • The biggest cybersecurity and cyberattack stories of 2024: 2024 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. … Some stories, though, were more impactful or popular with our 31 million readers than others. … Below are fourteen of what BleepingComputer believes are the most impactful cybersecurity stories of 2024, with a summary of each. These stories are in no particular order.
  • Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach: The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island's "RIBridges" social services platform. … RIBridges is an integrated eligibility system (IES) used by the state to manage and deliver social assistance programs, including healthcare, food assistance, child care, and other services. … Rhode Island first learned that RIBridges was the target of an attack on December 5 after being notified by its vendor, Deloitte. … Last week, the Brain Cipher ransomware gang began leaking some of the stolen data on its data leak site. … It is believed that approximately 650,000 people were impacted by the breach and may have had their names, addresses, dates of birth, Social Security numbers, and certain banking information exposed in the attack. … Due to this data's sensitive nature, state officials advise Rhode Islanders to freeze and monitor their credit for fraudulent activity. It is also advised to be on the lookout for targeted phishing scams utilizing the stolen data that may attempt to steal further information.
  • Japan's largest mobile carrier says cyberattack disrupted some services: Japan’s largest mobile carrier, NTT Docomo, reported that it is working to restore services after a cyberattack temporarily disrupted operations on Thursday. … The Tokyo-based company said in a statement that its system was targeted by a distributed denial-of-service (DDoS) attack, which floods a network with junk traffic from multiple sources, rendering some services unavailable.
  • Bank Insiders Are Leaking Data on Client Accounts as Scams Surge: (Bloomberg) -- The new staffer was supposed to help Toronto-Dominion Bank spot money laundering from an outpost in New York. … She instead used her access to bank data to distribute customer details to a criminal network on Telegram, according to prosecutors in Manhattan. Local detectives who searched her phone allegedly found images of 255 checks belonging to customers, along with other personal information on almost 70 others. … It’s part of a little-noticed pattern popping up across US banking — from towers in Manhattan, to hubs in Florida and even suburban Louisiana. … As sophisticated scams targeting the life savings of Americans create headlines across the US, the industry’s lowest-paid employees keep getting caught selling sensitive customer information out the back door — emerging as a critical area of weakness in banks’ risk controls…. That’s an inconvenient trend as firms steadfastly argue to policymakers and the public that customers bear primary responsibility for ensuring they don’t get conned out of their savings. While many scams seemingly target people at random, some victims have said con artists who tricked them knew a lot about their finances at the outset.


Section 4: For smaller businesses and nonprofits

A well-written analysis of a recent Forrester report continues to make clear that a vital piece of securing our smaller businesses and nonprofits is the ability of IT to speak the language of business, directly connecting reasonable security practices with those things that are important to the CEO: Sales growth. Profitability. Bonus.

  • CISO vs. CEO: Making a case for cybersecurity investments: Ask CISOs why they think there is a cyber skills shortage in their organization, what keeps them up at night or what the most important issue facing the industry is — at some point, even if not the first response, they will bring up budgets. … However, it might not be the dollar amount that is the problem as much as where the budget is coming from. … CEOs think about cybersecurity differently when it is tied to IT and when the CISO reports directly to the CIO versus when the CISO can present cybersecurity as a vital cog in overall business operations and tie it directly to business risk, the Forrester report found. … “CISOs who can articulate the business value of cybersecurity, demonstrating how it can drive revenue and support strategic goals, are more likely to secure the necessary funding. This shift also reflects a growing recognition of cybersecurity’s strategic importance beyond mere IT operations,”


90% of successful cyber attacks start with a phishing scam. Train your people. Teach them. Always be suspicious. Don't enable macros. Don't enter user-ids and passwords. When in doubt, don't. Always be in doubt.

  • Corporate executives are being increasingly targeted by AI phishing scams: Experts warn executives are being hit with personalized AI phishing attacks. … Top businesses such as eBay and Beazley are reporting huge increases in the volume of personalized phishing attacks levied against high-level employees. … A recent report by the Financial Times outlined the growing concerns about the growing use of AI in targeted scams against executives at major firms. … “This is getting worse and it’s getting very personal, and this is why we suspect AI is behind a lot of it,” Beazley’s chief information security officer Kirsty Kelly told the publication. “We’re starting to see very targeted attacks that have scraped an immense amount of information about a person.”
  • Cybersecurity leaders scramble to educate employees on generative AI threats: 2024 saw brand new types of generative AI-enabled digital fraud make headlines, from a deepfaked video call that cost a company $25 million to new research on how AI copilots being built into enterprise software can be weaponized as “automatic phishing machines”. Even classic phishing attacks are getting worse and getting more personal, the Financial Times reported today, thanks to AI bots’ ability to easily ingest large amounts of data about a company or person’s style and tone and then easily replicate it. They can also scrape data from a person’s online activity to make phishing emails more personal, and thus more convincing. … As generative AI swiftly upends the cybersecurity threat landscape, companies need to ensure employees are aware of the technology, its capabilities, and its risks.
  • New Windows Security Warning As Russian Cyberattacks Confirmed: With at least seven observed campaigns under its belt since 2022, threat intelligence analysts have now reported a surge in the activity of the Paper Werewolf cluster, also known as GOFFEE, which uses infected Microsoft Windows Word documents to launch mostly espionage-driven, credential-compromising attacks. Phishing emails contain an encrypted Microsoft Word document that prompts the recipient to enable macros in order to read it.


Section 5: Weekend Patch Report

Keeping your computers, smartphones, notepads and other devices patched and updated is #4 on SecureTheVillage's How Hackable Are You Guide. While patching is increasingly automated, it's important to double-check that it's being done. The following lists current versions of common software programs. Items in Bold have been updated in the past week. Updates are usually available from within the program. If not, updates can be downloaded from the company's website.


7-Zip 24.09.

Adobe Acrobat Reader 2024.005.20320

AVG 24.12.3362.

Apple iOS 18.2

Apple iPadOS 18.2

Apple macOS Sequoia 15.2

Apple macOS Sonoma 18.2

Apple macOS Ventura 18.2

Apple watchOS 18.2

Apple tvOS 18.2

Apple visionOS 2.2

Apple Safari 18.2

Brave 1.73.104.

CCleaner 6.31.11415.

Chrome 131.0.6778.205.

Discord 1.0.9175.

Dropbox 214.4.5217.

Edge 131.0.2903.112.

ExpressVPN updated to 12.95.0

Firefox 133.0.3.

Foxit Reader 2024.4.0.27683.

Google Drive for Desktop 101.0.3.0.

iTunes 12.13.4.4.

KeePass 2.57.1.

Malwarebytes 5.2.4.157.

Microsoft 365 & Office

Microsoft Windows

Notepad++ 8.7.5.

Opera Chromium 115.0.5322.119.

Skype to 8.134.0.202.

Spotify updated to 1.2.53.440.

TeamViewer 15.61.3.

Thunderbird ESR 128 128.5.2.

Zoom 6.3.1.53598.


About SecureTheVillage:

The vision of SecureTheVillage is to make Los Angeles the cyber-safest metropolitan region in the United States for smaller businesses, nonprofits, families, and individuals. Making this happen takes a village.

Follow Stan Stahl, PhD on LinkedIn!

Support SecureTheVillage: We need your help if we’re to build a world of CyberGuardians. Donate to SecureTheVillage.

It takes a village to secure the village.
