Subject: Every ISP in the US Must Block These 3 Pirate Streaming Services
A federal judge has ordered all internet service providers in the United States to block three pirate streaming services operated by Doe defendants who never showed up to court and hid behind false identities.
The blocking orders affect Israel.tv, Israeli-tv.com, and Sdarot.tv, as well as related domains listed in the rulings and any other domains where the copyright-infringing websites may resurface in the future. The orders came in three essentially identical rulings (see here, here, and here) issued on April 26 in the US District Court for the Southern District of New York.
Each ruling provides a list of 96 ISPs that are expected to block the websites, including Comcast, Charter, AT&T, Verizon, and T-Mobile. But the rulings say that all ISPs must comply even if they aren’t on the list:
In all three cases, none of the defendants responded to the complaints or appeared in court, the judge’s rulings said. “Defendants have gone to great lengths to conceal themselves and their ill-gotten proceeds from Plaintiffs’ and this Court’s detection, including by using multiple false identities and addresses associated with their operations and purposely deceptive contact information for the infringing Website,” the rulings say.
Digital Millennium Copyright Act
Source: Bleeping Computer
A credit card stealing service is growing in popularity, allowing any low-skilled threat actors an easy and automated way to get started in the world of financial fraud.Credit card skimmers are malicious scripts that are injected into hacked e-commerce websites that quietly wait for customers to make a purchase on the site.
Once a purchase is made, these malicious scripts steal the credit card details and send them back to remote servers to be collected by threat actors.
Threat actors then use these cards to make their own online purchases or sell the credit card details on dark web marketplaces to other threat actors for as little as a few dollars.
The Caramel skimmer-as-a-service. The new service was discovered by Domain Tools, which states that the platform is operated by a Russian cybercrime organization named “CaramelCorp.”
This service supplies subscribers with a skimmer script, deployment instructions, and a campaign management panel, which is everything a threat actor needs to launch their own credit card stealing campaign.
Today, Microsoft announced the launch of a new managed service category called Microsoft Security Experts. The service provides organizations with support from external security experts who can conduct tasks like threat hunting,and managed detection and response.For organizations, the service enables on-site security teams to extend their capabilities with support from off-site Microsoft experts who will investigate the environment for security incidents, and handover contextual alert information alongside remediation instructions to determine how they can respond.
This means overburdened security teams can access extra support so they can more effectively manage their security, compliance, identity, and privacy strategies.
The first Microsoft Defender Experts for Hunting will be available later this summer for organizations with a robust SOC and will help proactively hunt for threats. The second is Microsoft Defender Experts for XDR, an extended managed detection and response service that’s going into private preview this fall.
Locked outside your calendar or Gmail? Here’s how to get un-stuck—and prevent it from happening in the first place.
The web is filled with advice and shortcuts on what to do in this situation, from tapping your password manager to turning off two-factor authentication (not recommended!).
Rather than use Google’s most popular tool, Search, for the answer, we decided to ask the company directly what happens when users can’t get in and what steps they should take to recover their account. Guemmy Kim, director of account safety and security at Google, guided us through our questions.
Source: Bleeping Computer
Lincoln College, a liberal-arts school from rural Illinois, says it will close its doors later this month, 157 years since its founding and following a brutal hit on its finances from the COVID-19 pandemic and a recent ransomware attack.This decision was made even harder with the college having survived multiple disasters, including a major fire in 1912, the Spanish flu, the Great Depression, the World Wars, and the 2008 global financial crisis.
However, a December ransomware attack was the final straw that made the decision to shut down on May 13, 2022, one that just couldn’t be avoided.
This Illinois liberal-arts school is one of the few rural American colleges that the Department of Education has qualified as a predominantly Black institution, as NBC first reported.
“All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed.
In November, a call to action from multiple US Senators asked the US Department of Education and the Department of Homeland Security (DHS) to strengthen cybersecurity defenses at K-12 schools across the nation to keep up with a massive incoming wave of attacks.
Source: The Register
US President Joe Biden has signed into law a bill that aims to improve how the federal government tracks and prosecutes cybercrime.The Better Cybercrime Metrics Act, which Biden signed late last week, requires the Department of Justice to work with the National Academy of Sciences to develop a taxonomy that law enforcement can use to categorize different types of cybercrime.
It also gives the Department of Justice two years to establish a category in the National Incident-Based Reporting System for the collection of cybercrime reports from federal, state, and local officials.
Additionally, it requires the Government Accountability Office to report on the effectiveness of existing cybercrime mechanisms and highlight disparities in reporting cybercrime data versus other types of crime data.
And it requires the National Crime Victimization Survey to add questions related to cybercrime in its surveys.
Washington’s push to improve cybersecurity reporting
The law is part of a larger push by the Feds to improve cybersecurity incident reporting, and comes amid the growing threat from Russia as Putin’s war against Ukraine grinds on.
In March, Biden signed the Strengthening American Cybersecurity Act of 2022 into law, which requires critical infrastructure owners and operators to report cyberattacks within 72 hours.
That same month, the SEC proposed a rule that would force public companies to disclose cyberattacks within four days along with periodic reports about their cyber-risk management plans.
Additionally, the Department of Homeland Security in February established a public-private Cyber Safety Review Board to review “significant” cybersecurity events and help government and the private sector better protect US networks and infrastructure.
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- Trusted Platform Module
- Zero trust
Sample RSS feed: https://feed.theregister.com/atom?q=Cybersecurity+and+Infrastructure+Security+Agency
The Register Feeds. All our feeds are below. Click or copy a URL to your feed reader of choice.
Alternatively, check out our email newsletters.
An increasing number of recent business email compromise complaints involve the use of cryptocurrency, according to the FBI’s Internet Crime Complaint Center.
Business email compromise scams continue to grow and evolve, according to the FBI’s Internet Crime Complaint Center. Between July 2019 and December 2021, IC3 reported a 65% increase in global exposed losses, partly due to the increase in virtual business as a result of the pandemic.
BEC or email account compromise targets government agencies, businesses and individuals responsible for transferring funds. Scammers trick email or text recipients by posing as a manager or company vendor and asking them to transfer money into fake accounts.
In recent BEC scams, criminals send victims text messages that look like bank fraud alerts asking for confirmation that they transferred funds through a digital payment app. If the victim responds to the alert, the cybercriminal then calls from a number that appears to match the financial institution’s legitimate 1-800 support number. Thinking the caller is helping them reverse the fake money transfer, victims are tricked into sending payment to the criminal’s bank account.
The popularity of cryptocurrency is also spawning BEC attacks.
The ACLU filed the lawsuit in May 2020 on behalf of groups representing victims of domestic violence, undocumented immigrants and sex workers accusing Clearview of violating Illinois’s Biometric Information Privacy Act, which prohibits private entities from using algorithmic maps of citizens’ faces and other bodily identifiers without consent.
Clearview created an opt-out form allowing Illinois residents to request that their photos not show up in its search results and said it will spend $50,000 on online ads raising awareness about the form, while also filtering out photos taken in or uploaded from the state.
Clearview also agreed to stop offering free trial accounts to individual police officers without approval from their supervisors.
Subject: Canon Printer Owners Targeted With Scam Driver Websites
There are few tasks more tiresome than getting a new printer properly set up. Somehow, it never works on the first try, no matter the make or model. The device will probably function for three tries and then break down again. It is a universal frustration. But there are a few people who have experienced more lasting hardship than you’d expect while setting up their printer. Scammers have for years been preying on the unsuspecting, desperate people who need to download setup software for their new printer. And it’s a big problem for Canon, one of the world’s biggest printer brands, in particular.Gizmodo has found several fake websites run by scammers who claim to offer legit Canon printer drivers, a type of software that allows your operating system to control a specific piece of hardware. Gizmodo discovered the fake websites by filing a FOIA request with the Federal Trade Commission (FTC) for consumer complaints about Canon. FTC Complaints about Robinhood, Binance, AirBnb, Venmo, and Tinder have revealed similar patterns in the problems users face when using these internet companies’ services.
The Canon scam is specific. The complaints are filled with tales of people who were simply trying to find a Canon driver for their printers. The hapless users found themselves on a number of different sites where the fake drivers would fail to download. After that, a chat box would appear and “customer service” would offer to diagnose the problem. Sometimes, the scammers would simply ask for money to fix the imaginary problem. Other times, the scammers would lure the unsuspecting victims into handing over remote access to their computers.
Source: Fraud of the Day
Commission’s Consumer Sentinel Network Data Book reveals that 29.4 percent of complaints filed with the online database in 2020 were related to identity theft. (That’s more than any other type of fraud reported.) Amongst the many types of identity theft fraud that exist, the government documents or benefits fraud category tops the list with 406,375 reports from citizens who said their information was misused to apply for a government document or benefit. (This includes documents like birth certificates, passports, driver’s licenses, or benefits such as unemployment insurance.) The Consumer Sentinel Network Data Book also breaks down the category into subtypes and the percentage difference from 2019 including: driver’s license issued/forged (up 23%); government benefits applied for/received (up 2,920% — WOW!); other government documents issued/forged (up 42%); and, passport issued/forged (up 85%). So, what’s the bottom line here? (Sadly folks, it’s not good news.) This type of fraud is projected to continue to rise.One example of government document fraud includes Orvil Perez-Jiminez, 34, of Dundalk Md….While this all sounds very negative, there is some good news. There’s a lot you can do to protect your identity from being stolen. The Identity Theft Resource Center (ITRC) offers the opportunity to search across multiple data breaches to see if your phone number and email has been compromised. The website also gives some helpful tips that can help you protect your identity on physical documents, cards, devices, online, and on accounts with electronic access….
Other Fraud Trends: https://fraudoftheday.com/fraud-trends/ID-Theft: https://fraudoftheday.com/identity-theft-fraud/
Source: Route Fifty
Hackers that target electric vehicle infrastructure can lock drivers out of their vehicles, steal payment information and even compromise electrical grids.Electrifying the nation’s vehicles and transportation infrastructure exposes drivers and cities to new risks. If cybercriminals hack into electric vehicles, they could not only penetrate the vehicle itself, but also compromise the entire connected infrastructure — including charging stations, electrical grids, back office utilities and the cloud, according to experts at NextGov’s May 6 Cyber Defenders event.
When heavy duty vehicles start charging at multi-megawatt plazas, they can strain cities’ power systems. If these systems are not managed or secured properly, attackers can shut down electrical grids and cause blackouts for entire city blocks, Chhaya said.
Fleets of publicly owned vehicles like electric buses, trucks and emergency response vehicles are also at risk. Officials should ensure the vehicles and infrastructure are secure, as disruptions would have a major impact on city and emergency services, the panelists said.
“Every component [of EV infrastructure] is designed with very limited knowledge of how it interacts with the rest of the system,” Chhaya said. Cars have a few, specific interfaces with EV infrastructure, but they have not been designed to account for upstream actions, he said.
To ensure security on all fronts, EV infrastructure designers must ensure “that every aspect of the system – from the customer, to the endpoints, vehicles, back office utilities and cloud providers – is operating on one set of requirements,” Chayya said. “There has not been any activity that has looked at the entire system end to end.”
NEXT STORY: EV Charging Station Map Highlights Disparities
Source: NIST via beSpacific
NIST: “The National Institute of Standards and Technology (NIST) has published Digital Investigation Techniques: A NIST Scientific Foundation Review. This draft report, which will be open for public comment for 60 days, reviews the methods that digital forensic experts use to analyze evidence from computers, mobile phones and other electronic devices. The purpose of NIST scientific foundation reviews is to document and evaluate the scientific basis for forensic methods. These reviews fill a need identified in a landmark 2009 study by the National Academy of Sciences, which found that many forensic disciplines lack a solid foundation in scientific research. …
To conduct their review, the authors examined peer-reviewed literature, documentation from software developers, test results on forensic tools, standards and best practices documents and other sources of information. They found that “digital evidence examination rests on a firm foundation based in computer science,” and that “the application of these computer science techniques to digital investigations is sound.”
Download the full draft report. [82-page PDF]
Source: WIRED via beSpacific
Wired – “A surprising number of the top 100,000 websites effectively include keyloggers that covertly snag everything you type into a form. When you sign up for a newsletter, make a hotel reservation, or check out online, you probably take for granted that if you mistype your email address three times or change your mind and X out of the page, it doesn’t matter. Nothing actually happens until you hit the Submit button, right? Well, maybe not. As with so many assumptions about the web, this isn’t always the case, according to new research: A surprising number of websites are collecting some or all of your data as you type it into a digital form. Researchers from KU Leuven, Radboud University, and University of Lausanne crawled and analyzed the top 100,000 websites…
Filed in WIRED category: https://www.wired.com/category/security/
Source: Vox Recode
“Alvaro’s knowledge, experience, and energy will be a great asset to the FTC as we pursue our critical work,” Khan said in a statement. “I’m excited to begin working with him, along with our other Commissioners, once his appointment is made final by President Biden.”
Bedoya comes to the FTC from Georgetown Law’s Center on Privacy and Technology, of which he was the founding director. His nomination, made way back in September, was welcomed by privacy advocates. Bedoya said in his confirmation hearing last year that he intended to focus on privacy issues, including data and facial recognition. With no federal consumer privacy law, the FTC’s powers are limited, but it still can — and has — gone after companies for privacy issues.
Immigration and Customs Enforcement, or ICE, “now operates as a domestic surveillance agency,” according to a new report by Georgetown Law’s Center on Privacy and Technology based on a two-year investigation.The report details how, since the agency was established in post-9/11 legislation, ICE has moved beyond cooperating primarily with other law enforcement agencies to assemble an infrastructure that enables it to pull detailed information on Americans, immigrants and non-immigrants alike, with data from private data brokers and state and local governments.
ICE’s “surveillance dragnet” also uses facial recognition, especially the scanning of driver’s license photos for immigration enforcement, according to the report, which involved hundreds of Freedom of Information Act Requests and reviews of the agency’s contracting and procurement records.
Between 2008 and 2021, ICE spent about $96 million on biometrics, a category that also includes fingerprinting and DNA testing, according to the report.
The sharing of data handed over to get essential services has already created evidence of a “chilling effect,” or the deterrence of immigrants from interacting with government systems and enrolling in critical services, the report states.
The report does include recommendations, urging Congress to reform immigration laws, enact new data protections, update laws that limit the disclosure of information given by Americans to the DMV and conduct more oversight of ICE, including the agency’s use of biometrics.
It also includes recommendations for state lawmakers on the use of water, gas, electricity, phone and internet records for immigraiton enforcement and ICE access to DMV data.`
Source: Route Fifty
The survey, which polled more than 1,000 U.S. consumers, found 93% harbor concerns that a foreign country could wage cyber warfare against the U.S. Conversely, only 19% of those surveyed were “100% confident” in the government’s ability to protect citizens against cyber warfare. The survey comes amid increased reports of cyber activity in Ukraine and Russia, even as the Chinese government continues to conduct cyber campaigns into U.S. government systems.“Cyber warfare is carried out for many different reasons and between a variety of groups. Even during peacetime, we’ve seen concerted online efforts by Russia, China and others to interfere with the democratic processes of the U.S. and other allies,” Daniel Markuson, digital privacy expert with NordVPN, said in a statement. According to the survey, more than one-third of Americans (35%) are
Source: Bellingcat via beSpacific
Bellingcat: “In just a few years, TikTok has become one of the world’s most successful social networks. The company claims that its platform is used by over a billion people every month. TikTok’s role during the invasion of Ukraine has changed the common misconception of a website predominantly used by its young users to post videos of lip-synced songs or dance challenges. During Russia’s military buildup, users posted videos of military equipment being transported to the Ukrainian border. Since that equipment crossed that border, numerous TikToks have shown missiles, destroyed buildings or the daily life of Ukrainians who have to spend their days in shelters, leading some commenters to even call this a “TikTok war”. But this isn’t the first time TikTok has played a role for open source investigators. Videos that appeared on TikTok in Myanmar in early 2021 showed men in uniform threatening to kill anti-coup protesters. During search efforts to find the disappeared US travel blogger Gabby Petito, TikTokers reportedly uploaded information that helped solve the case…. TikTok’s API (Application Programming Interface) presents more obstacles to developers. It can change frequently, making it harder for developers to use and harder for researchers to draw wider insights from trends as they develop over weeks and months. Bellingcat’s Investigative Tech Team has therefore created the Bellingcat TikTok Analysis Tool (built on the basis of a TikTok scraper offered by Github user drawrowfly) that allows researchers to collect a dataset of TikToks associated with specific hashtags over lengthier periods. The tool also allows researchers to analyse what other topics appear together with selected hashtags most frequently. When reviewing large datasets, it can be particularly interesting to discover which hashtags are regularly added to TikToks which already share one specific tag. Many TikToks contain multiple hashtags, …
The Bellingcat Investigative Tech Team develops tools for open source investigations and explores tech-focused research techniques. It consists of Aiganysh Aidarbekova, Tristan Lee, Miguel Ramalho, Johanna Wild and Logan Williams. Do you have a question about applying these methods or tools to your own research, or an interest in collaborating? Contact us here.
Source: Becker’s Health IT
Web3 is touted as an inevitable game changer for the internet by advocates, while others think its overhyped project with impossible barriers to mount. This new, decentralized and blockchain backed version of the internet is worth talking about, according to a May 10 Harvard Business Review article.Web3 is a shorthand for the project that aims to change the internet by using blockchain to disrupt how information is stored, shared and owned. In theory it could break the monopolies of a select few companies who control information. Some argue that it will create new products, economies and democratize the web, creating a web that you can read, write and own.
Source: Lawfare Institute via beSpacific
Source: Beacker’s Health IT
The U.S. bioeconomy, which encomapsses the biomedical, bioindustrial and biomanufacturing world, is at risk from hackers if it doesn’t receive adequate resources to secure itself, reported Wired May 12.As cybersecurity becomes a bigger issue for a broader variety of companies, organizations part of the bioeconomy are now realizing that they are vulnerable to cyberattack. Political actors alongside hackers looking for cash may be targeting bioeconomy companies. For example, Russia and China both raced to hack vaccine makers for intelligence gathering throughout the pandemic, which could have been disruptive to operations.
While some parts of the industry, including healthcare and agriculture, are designated as critical industries, the entirety of the bioeconomy is not given its far reaching nature. Instead it is given the label “critical emerging tech,” which means it is unable to access some of the funding and resources for security given to those with critical industry designations.
Latest articles on cybersecurity: CISA sounds alarm on malicious cyber activity targeting managed service providers