Pete Recommends – Weekly highlights on cyber security issues, November 30, 2024

Subject: Act fast to snuff out employee curiosity over ‘free’ AI apps
Source: CSO
https://www.bespacific.com/act-fast-to-snuff-out-employee-curiosity-over-free-ai-apps/

CSO – “The word ‘free’ has always tempted employees who are looking for an app or template to make their work easier. These days, combine ‘free’ with ‘AI’ and the lure is almost irresistible. Since the release of ChatGPT in late 2022, free AI-themed apps have exploded. Unfortunately, some are created by threat actors. One of the latest examples, reported this week by Malwarebytes, claims to be an AI video editor, but really installs the Lumma Stealer malware. Victims were lured by …



Abstracted from beSpacific
Copyright © 2024 beSpacific, All rights reserved.


Subject: Surveillance Self-Defense Tips, Tools and How-tos for Safer Online Communications
Source: Electronic Frontier Foundation
https://www.bespacific.com/surveillance-self-defense-tips-tools/

We’re the Electronic Frontier Foundation, an independent non-profit working to protect online privacy for over thirty years. This is Surveillance Self-Defense: our expert guide to protecting you and your friends from online spying. Surveillance Self-Defense (SSD) is a guide to protecting yourself from electronic surveillance for people all over the world. Some aspects of this guide will be useful to people with very little technical knowledge, while others are aimed at an audience with considerable technical expertise and privacy/security trainers. We believe that everyone’s threat model is unique.[…]

https://ssd.eff.org/module-categories/basics

https://ssd.eff.org/#index

https://ssd.eff.org/glossary

https://ssd.eff.org/module-categories/tool-guides

https://ssd.eff.org/module-categories/security-scenarios


Abstracted from beSpacific
Copyright © 2024 beSpacific, All rights reserved.


Subject: Crypto companies are losing ground to deepfake attacks
Source: Help Net Security
https://www.helpnetsecurity.com/2024/11/28/crypto-deepfake-fraud/

The study finds that 57% of crypto companies report audio deepfake incidents, compared to just 45% facing fake or modified document fraud. Research further reveals that 53% of crypto firms have encountered video deepfake fraud, cementing deepfakes as a top concern. In contrast, other industries continue to grapple primarily with fake document fraud as their leading threat.

This highlights a unique challenge, as fraudsters shift their focus to leveraging advanced technologies to outmaneuver the industry’s security defenses.

While the crypto industry experiences an average loss of $440,000 from advanced fraud techniques like deepfakes, a notable 37% of companies are losing more than $500,000 each. Crypto organizations are not only more frequently targeted by deepfake fraud but also rely on unique defense strategies. According to the study:

Crypto companies prioritize live video interviews…


Subject: Australia Makes History With Social Media Ban for Under 16s
Source: tech.co
https://tech.co/news/australia-social-media-ban-under-16s

Australia has gone in hard after social media companies with an all-out ban for under 16s. In a move that could have a global ripple effect, Australia has passed the first-ever law to ban under 16s from social media in the world. The new law was passed by the country’s upper house, the Senate, by 34 votes to 19; and will come into force in a year’s time.

It comes as the impact of social media on children has finally faced official scrutiny with 14 cases against one platform – TikTok – alone.

What Will the Social Media Ban Law Mean? The law has been prompted by what prime minister, Anthony Albanese, says is a “clear, causal link between the rise of social media and the harm [to] the mental health of young Australians.”

When enacted, the online safety amendment (social media minimum age) bill will make it illegal for children under-16 years of age to access social media platforms. This is the highest age limit set by any country but also doesn’t exempt usage with parental consent. If children under this age are found to be getting online, hefty fines will be levied of up to AU$50m (US$32m).

Could This Be the Start of World-Wide Social Media Bans? The law in Australia does reflect a wider movement globally. A new law will come into effect in Florida on January 1, which bans social media accounts for children under-14; but also stipulates children aged 15 and 16 must have parental consent to engage.

Beyond the States, BBC News reports that Norway is considering a ban and France already has legislation in place; but social media access for children under-15 is possible with parental consent.



Subject: Coast Guard adds new cyber requirements for ship-to-shore cranes
Source: Federal News Network
https://federalnewsnetwork.com/defense-main/2024/11/coast-guard-adds-new-cyber-requirements-for-ship-to-shore-cranes/

The Coast Guard has new cyber risk management requirements for Chinese-made ship-to-shore cranes, signaling increased concerns over security risks posed by these cranes. The Maritime Security directive, released last week, builds upon a mandate from February; the public notice doesn’t disclose specifics of the new requirements as the directive contains security-sensitive information.

Chinese-made ship-to-shore cranes make up 80% of all cranes operating across the U.S. ports, and these cranes can be “controlled, serviced, and programmed from remote locations, and those features potentially leave STS cranes vulnerable to exploitation, threatening the maritime elements of the national transportation system,” according to the notice.

The notice instructs all owners and operators of Chinese-made cranes to contact their local captain of the port or district commander to get a copy of the directive.

Concerns over the security of Chinese-made cranes escalated when the Federal Bureau of Investigation found intelligence-gathering equipment near or on these cranes upon their arrival at the Port of Baltimore.

“Now, the U.S. Coast Guard will have the express authority to respond to malicious cyber activity in the nation’s Maritime Transportation System by requiring vessels and waterfront facilities to mitigate cyber conditions that may endanger the safety of a vessel, facility, or harbor,” the executive order released in February states.



Subject: Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks
Source: The Hacker News
https://thehackernews.com/2024/11/phishing-as-service-rockstar-2fa.html

Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials. ”This campaign employs an AitM [adversary-in-the-middle] attack, allowing attackers to intercept user credentials and session cookies, which means that even users with multi-factor authentication (MFA) enabled can still be vulnerable,” Trustwave researchers Diana Solomon and John Kevin Adriano said.

Rockstar 2FA is assessed to be an updated version of the DadSec (aka Phoenix) phishing kit. Microsoft is tracking the developers and distributors of the Dadsec PhaaS platform under the moniker Storm-1575.

Some of the promoted features of Rockstar 2FA include two-factor authentication (2FA) bypass, 2FA cookie harvesting, antibot protection, login page themes mimicking popular services, fully undetectable (FUD) links, and Telegram bot integration.

It also claims to have a “modern, user-friendly admin panel” that enables customers to track the status of their phishing campaigns, generate URLs and attachments, and even personalize themes that are applied to the created links.

Besides using legitimate link redirectors (e.g., shortened URLs, open redirects, URL protection services, or URL rewriting services) as a mechanism to bypass antispam detection, the kit incorporates antibot checks using Cloudflare Turnstile in an attempt to deter automated analysis of the AitM phishing pages.

The disclosure comes as Malwarebytes detailed a phishing campaign dubbed Beluga that employs .HTM attachments to dupe email recipients into entering their Microsoft OneDrive credentials on a bogus login form, which are then exfiltrated to a Telegram bot.
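The Rockstar 2FA item above explains why AitM phishing defeats ordinary MFA: the proxy relays the victim's login and second factor, so the identity provider issues a valid session to the proxy, and that session cookie is then replayed from wherever the operator works. The observable side effect for a defender is a fresh session presented from a second, unrelated source address shortly after it was issued. The following is an added example, not code from the article, Trustwave or any vendor product; it runs a simple replay heuristic over constructed sign-in events (documentation-range IP addresses, an assumed corporate egress range of 203.0.113.0/24, and an assumed event schema of user, UTC timestamp, source IP, hashed session id and an MFA flag), and flags a session whose cookie turns up from a different non-corporate IP within a configurable window.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class SignInEvent:
    user: str
    ts: datetime          # UTC time the request reached the identity provider
    ip: str               # source IP as seen by the identity provider
    session_id: str       # hashed session cookie / token identifier
    mfa_satisfied: bool   # True on the request that completed MFA


# Constructed sample: the corporate egress range is an assumption for this example
CORPORATE_NETS = [ip_network("203.0.113.0/24")]

# Constructed sample sign-in events (TEST-NET documentation addresses, not real traffic)
SAMPLE_EVENTS = [
    SignInEvent("alice", datetime(2024, 11, 28, 9, 0), "203.0.113.10", "sess-a1", True),
    SignInEvent("alice", datetime(2024, 11, 28, 9, 5), "203.0.113.10", "sess-a1", False),
    # bob's MFA completes from an IP that is not his; the same session is then used elsewhere
    SignInEvent("bob", datetime(2024, 11, 28, 10, 0), "198.51.100.7", "sess-b1", True),
    SignInEvent("bob", datetime(2024, 11, 28, 10, 12), "192.0.2.44", "sess-b1", False),
    # carol changes networks two hours later: outside the replay window, left for slower review
    SignInEvent("carol", datetime(2024, 11, 28, 11, 0), "203.0.113.20", "sess-c1", True),
    SignInEvent("carol", datetime(2024, 11, 28, 13, 0), "192.0.2.9", "sess-c1", False),
]


def is_corporate(ip: str) -> bool:
    """True when the address falls inside a known corporate egress range."""
    addr = ip_address(ip)
    return any(addr in net for net in CORPORATE_NETS)


def find_session_replays(events, window=timedelta(minutes=30)):
    """Flag sessions whose cookie is presented from a second source IP soon after issue.

    A session that was established (MFA and all) from one address and is reused
    from an unrelated address within the window matches the cookie-replay pattern
    of an adversary-in-the-middle proxy. Moves between corporate egress addresses
    are ignored to cut ordinary noise; one finding per session is enough to open a case.
    """
    by_session = {}
    for ev in sorted(events, key=lambda e: e.ts):
        by_session.setdefault(ev.session_id, []).append(ev)

    findings = []
    for session_id, evs in by_session.items():
        origin = evs[0]
        for later in evs[1:]:
            if later.ip == origin.ip:
                continue
            if is_corporate(origin.ip) and is_corporate(later.ip):
                continue
            if later.ts - origin.ts > window:
                break  # events are time-ordered; nothing later can fall inside the window
            findings.append({
                "user": origin.user,
                "session_id": session_id,
                "issued_from": origin.ip,
                "replayed_from": later.ip,
                "minutes_after_issue": int((later.ts - origin.ts).total_seconds() // 60),
                "mfa_on_issue": origin.mfa_satisfied,
            })
            break
    return findings


if __name__ == "__main__":
    for finding in find_session_replays(SAMPLE_EVENTS):
        print(finding)
```

On the constructed sample only bob's session is flagged: the cookie issued to 198.51.100.7 at 10:00 is presented from 192.0.2.44 twelve minutes later. Carol's change of network falls outside the 30-minute window and is deliberately left for a slower review queue; widening the window trades that miss for more noise from legitimate roaming, which is the main tuning decision in practice. The heuristic is a detection aid, not a fix: the mitigation the Trustwave finding points to is phishing-resistant MFA that is bound to the legitimate origin, plus revoking sessions for flagged accounts.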

Posted in: Cryptocurrency, Cybercrime, Cyberlaw, Cybersecurity, Economy, Privacy, Social Media