Translating Cyber for Healthcare, Legal, Edu & Finance Sectors.
Vigilance Newsletter

News. Insight.

Vigilance, Vol 2. Latest cyber crimes in the news with insider insight giving you the best cybersecurity practices for business, how to avoid million-dollar mistakes, and top new ways to protect your identity online today.

Individual Protection & Organizational Protection

Individually: experts agree one simple task can help alleviate most woes and protect you from identity theft: freeze your credit this holiday season.

We also suggest using these sites when shopping:

Organizationally: No organization is too rural or too small. Well-intentioned people operating organizations of every kind, size and industry are everywhere, rich with critical data and access needed to grow a brand. Each is a prime target for cyber criminals.

We see daily how cyber criminals are winning.

Let's change that.

Vigilance by Cyber Crime Junkies

https://youtu.be/ouPaBSkszC0


Center Stage News & Insight.

Responsible Artificial Intelligence

Since the boom of generative AI and the commoditization of its use, there are countless stories of threat actors leveraging machine learning and AI models for harm. There are even more stories of users inadvertently using generative AI, resulting in exposure of confidential trade secrets, source code and more.

Rather than taking a back seat to the market, the leading cyber agencies in the U.S., U.K. and 16 other countries worked tirelessly to create guidelines for the responsible use of AI in various industries.

Taking center stage this month is the recent CISA AI Guidelines.


A total of eighteen (18) countries have signed an agreement on AI safety, based on the principle that it should be "secure by design".

The guidelines, established in the US by CISA, are below. They are aimed mainly at providers of AI systems. The initiative aims to require developers to invest in new safeguards in the products they bring to market, including elements designed to protect customers.

The guidelines require providers of AI systems to illustrate that they understand risks and threat modeling, as well as the trade-offs that need to be considered around system and model design— including supply chain security, documentation and asset and technical debt management.

Go Down Rabbit Hole Here

The new CISA A.I. Guidelines here


Cyber Crime News

Cyber Crime News and Dark Web Insight

A New Frontier of Cyber Crime: Filing Regulatory Complaints Against Victims?

There is a new level of severity being launched against organizations. We mentioned it in the last edition of Vigilance, and it involves cyber crime gangs now reporting compliance violations on their victims.

Cyber criminals are now reporting compliance and regulatory violations on their victims.

We reported last week on Dark Web postings from ALPHV/BlackCat (famous for the MGM/Caesars attack they coordinated with Scattered Spider) showing that in their cyber attack against MeridianLink they used the following techniques:

  1. Gain unauthorized access
  2. Launch Ransomware and Encrypt
  3. Threaten to leak confidential data to public via their Leak site if ransom is not paid
  4. The breaking news was that they added a next-level step: should the victim not negotiate or pay the ransom, they file an SEC complaint for regulatory violations (here, not disclosing to the SEC within the new 4-day notice window).

This new approach raises questions of a new emerging threat.

  • Will cyber criminals now resort to contacting regulatory agencies in their efforts to influence negotiations?
  • Will they contact HHS for HIPAA violations? The FTC or other agencies?


Finance Sector Cyber News

Finance Cyber news


ALPHV/BlackCat did it again this past weekend. Fidelity National Financial, which provides title insurance and settlement services for the mortgage and real estate industries, shut down some of its services due to a breach which affected real estate agents and homebuyers.

The results were reports across socials, the dark web and in the media that real estate closings had halted and that buyers had lost access to funds, title contingencies and more.

Real Estate News reported that the breach stopped scheduled closings, which left agents and homebuyers “scrambling for solutions” as they have been told that the systems needed to complete their transactions won’t be available until Sunday.

Here, Fidelity filed with the SEC 2 days after the breach, and while BlackCat claimed responsibility for the breach, they have not yet released details.

"Before disclosing whether or whether we have [not] collected any data, we will allow Fidelity further time to get in touch," BlackCat said. "Wouldn't want to disclose every card at this early stage."

Security experts have speculated that the entry point into FNF systems was potentially caused by exploits of a critical vulnerability affecting Citrix Netscaler devices, dubbed "CitrixBleed."

Find more on this developing story

SCATTERED SPIDER

The notorious hacking group, Scattered Spider, known for its sophisticated ransomware attack on MGM, has reaffirmed its threat to large enterprises as it continues to exploit weaknesses in cloud service providers, according to a recent report by ReliaQuest.

In their latest attack, the group successfully stole credentials from a help-desk employee and used a socially-engineered Multi-Factor Authentication (MFA) fatigue attack to gain access to an organization's on-premise network. As Scattered Spider's tactics evolve, authorities warn of potential copycat attacks and urge enterprises to strengthen security protocols, implement rigorous identity verification, and stay vigilant of emerging threats.

https://www.nextgov.com/cybersecurity/2023/11/cisa-fbi-warn-social-engineering-based-ransomware/392089/


U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem

U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. The average ages of Scattered Spider members are between 17 and 23, and they are behind effective social engineering campaigns (such as Okta, MGM, Caesars Casinos and many, many more).

Learn more about this international threat with US ties here


Healthcare Sector Cyber News & Insight

Healthcare Cyber News

Crossing-The-Line: IT Vendor Causes Own Healthcare Breaches-for Business.

In a shocking fall-out to a true cyber crime story, Vikas Singla, former COO of Atlanta-based cybersecurity firm Securolytics, has pleaded guilty to orchestrating cyberattacks on two local hospitals to drum up business for his company in 2018.

He breached hospitals in order to drum up business for his cybersecurity firm.

The former chief operating officer (COO) of a cybersecurity firm who hacked two hospitals in an attempt to win business has changed his plea to guilty in an attempt to avoid a lengthy jail term.

On September 27, 2018, two hospitals suffered cyber attacks taking down their phone systems and printers. The two are part of Gwinnett Medical Center (GMC) in Georgia. The phones were used by doctors and nurses for internal communication, including code blue emergencies. More than 200 handheld devices were disabled.

On the same day, access was gained to a digitizing device that was connected to a mammogram machine, and then the confidential data of approximately 300 patients was stolen. This included their names, date of birth, and sex.

The stolen data was then sent to more than 200 network printers in the hospitals with the message “We Own You”.

A few days later, a Twitter account was used to post 43 messages, each of which included patient details stolen from the digitizing device to increase publicity about the cyberattack.

At the time of the attacks, Vikas Singla was the COO of the cybersecurity company Securolytics.

He later admitted to orchestrating the whole fake "breach".

Singla is set to agree to pay nearly $818,000 in restitution and may potentially avoid a 10-year prison sentence due to his medical conditions.

His sentencing is set for February 15, 2024.

https://www.bankinfosecurity.com/security-firm-coo-hacked-hospitals-to-drum-up-business-a-23631

One in four Americans have had their health data compromised this year

Cyber attacks in the healthcare industry are only getting more common. With a rise in ransomware attacks and other hacking efforts, nearly 87 million patients have been affected. What will stem the tide? Find details here


LEGAL Cyber News

Legal Industry Insights
For attorneys and the law firms they serve, reputation is everything.

Being in the news for a large verdict is street cred, but being in the news for a data breach is poison. There are ample options for clients to choose from and when private, VERY PRIVATE, data gets leaked, data that never should be leaked like attorney-client privilege or intellectual property or future M & A details, the results often are far-reaching and negatively impact a firm long-term.

This year we have seen small and large firms alike hit the news.

It’s not just a U.S. problem either. In the UK and France, national cybersecurity agencies have issued warnings that law firms should upgrade their security posture now, not later, to defend against ransomware and other exploit attacks.

Financially-crippling litigation also follows against these law firms. AboveTheLaw.com reports: In July, we learned that three top 50 law firms had been breached: Kirkland & Ellis, K&L Gates, and Proskauer Rose. All were breached by the ransomware group Clop. If these very large firms could be breached, who is safe?

Also breached were Loeb & Loeb (the incident occurred in 2022) and Orrick, Herrington & Sutcliffe (breached in the first quarter of 2023).

Class Action Suits Have Followed

2023 appears to be the year in which class action firms have discovered fertile ground in law firm data breaches. As of July 2023, five class action suits have been filed against Bryan Cave; Cadwalader, Wickersham & Taft; Smith, Gambrell & Russell, as well as two smaller firms – Cohen Cleary and Spear Wilderman. Find more here


In the UK, the law firm Allen & Overy has suffered a cyber security attack. Ransomware group LockBit added A&O to their victim list. You can check out details here

Kansas Struck by a Storm of Cyber Crime

Recently, the Kansas Supreme Court disclosed that the state's court system had been subjected to an advanced cyberattack by a foreign threat actor last month, resulting in the theft of sensitive data, which the attacker threatened to leak online, The Kansas City Star reports. Operations at the Kansas Court System have also been disrupted by the incident, which impacted systems for court fee payments and marriage license applications.

While an investigation into the extent of the breach is still underway, an early review revealed the compromise of data, including files belonging to the Office of Judicial Administration and district court case records on appeal. Find more details here

Vendor Liability Hits UK Law Firms

The legal industry is also not immune from supply chain attacks. Recently, The Record reported that CTS, an IT MSP (managed service provider) for law firms, is “urgently investigating” a breach that disrupted service to them and, in turn, their law firm clients, who are reporting widespread disruption in accessing phone, emails, or case management systems.

Industry news outlet Estate Agent Today reported that CTS was hacked through the CitrixBleed bug which U.S. officials have warned is being exploited by both state-sponsored and cybercriminal groups.

Initial reports estimate between 200 and 80 law firms are likely affected.

Follow this story here.


Critical Infrastructure News & Insight

State/Local Government & K12 News


NATIONAL SECURITY RISK FOUND

The Idaho National Laboratory, a nuclear research lab, has allegedly been breached by SiegedSec.

The cyber criminal group claims to be in possession of PII belonging to users, employees, and citizens.

What makes this a major concern for many is that, according to Cyberscoop, “the scientists at INL work on some of the United States’ most sensitive national security programs.

This includes protecting critical infrastructure like the U.S. power grid from cyber and physical attacks. Personal data such as detailed employee and banking information would represent a treasure trove for foreign intelligence agencies looking to penetrate the lab.”

Check out details here

Hackers Hijack Industrial Control System at US Water Utility?

In a relatively rare instance, the Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took command and control over a booster station.

When most people think of the US critical infrastructure, they envision enterprise-level organizations, but most of it consists of small municipal or local regional organizations with minimal budgets and very few security measures in place.

This, among other facets, is cause for concern here in the US. While in this instance there was no further breach disclosed nor risk to drinking water or water supply, it is the beginning of critical issues. Read details here


Stay Vigilant,

David Mauro, Strategic Director-Central U.S. Region,

Konica Minolta Business Solutions U.S.A., Inc.

Konica Minolta Cybersecurity Services

(614) 584-4583

Intelligent Cybersecurity Services: 24/7 SOC~MSIEM/MDR~MEDR~VMaaS~IR Planning~Ethical Hacking/Pen Testing~Managed & Live Security Awareness Trainings


Contributing editors in this Volume included Mark Mosher and Logan Pottberg, IT Security Consultants with Konica Minolta Business Solutions U.S.A., Inc.

Miss our past Newsletter Editions?

by David Mauro and Cyber Crime Junkies Podcast

Find more here:

For more insight and interviews with global CISOs, security researchers, cyber experts, FBI agents and business leaders, find them on CyberCrimeJunkies.com.

Check out the Podcast (Apple, Spotify, everywhere)

Twitter/X @CyberCrimeJunky

Help us grow our Channel on YouTube by kindly subscribing for free: Cyber Crime Junkies Podcast

Thanks for Subscribing to Vigilance. Sharing recent insight in Cybersecurity from News, Dark Web & Media.


Nadja El Fertasi

Trusted EQ Thought Leader | Emotional Resilience Coach | Designing Emotional Firewalls for Digital Safety & Well-being | Championing Cyber Resilience as a Cultural Revolution | Let’s Connect & Collaborate

10 months

Thank you! Great place to stay up to date on the latest cyber news!

Logan Pottberg

Cybersecurity Client Executive @ BlueVoyant | Specializing in MDR / SIEM, Supply Chain Defense, Digital Risk Protection

10 months

Thanks for creating, David Mauro. Always a race to stay up to date!
