Select group of countries to fight cybercrime, Coinbase victimized by 2FA error, a text messaging scam and more.
Welcome to Cyber Security Today. It’s Monday, October 4th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
Thirty countries have been invited by the United States to meet virtually this month to find ways to fight cybercrime. President Biden said the goal is to build a coalition of nations to improve law enforcement collaboration, stem the illicit use of cryptocurrency and work together in diplomatic bodies to disrupt malicious cyber activity. By the way, among the things Biden urges organizations to do for their part is encrypt their data and use multifactor authentication.
Multifactor or two-factor authentication is one of the best things an organization can do. It reduces the odds of an attacker successfully abusing the theft of people’s passwords to steal data. But it’s not merely getting the IT department to flick a switch. Do two-factor authentication wrong and customers can be victimized. The latest example is the theft of digital money from the Coinbase cryptocurrency exchange. News has emerged that Coinbase is telling more than 6,000 users that money may have been taken from their accounts several months ago. This happened because there was a flaw in the Coinbase process customers use for recovering access to their accounts. This is the type of process you’d use if you forgot your password, for example. As part of the process, Coinbase sends out an SMS text message to the customer’s smartphone with a code to verify their identity. However, crooks who had stolen a victim’s email address, password and phone number could trick Coinbase into sending the text to the crook’s phone. That way they could take over the victim’s account. The lesson for any organization is that your process for allowing customers and users to recover their accounts online has to be well thought out and flawless. Another lesson for organizations is that two-factor authentication codes sent by SMS text aren’t secure. It’s better to use an authentication app like Google Authenticator or others. It’s more expensive, but it’s safer.
One of the latest victims of ransomware is a U.S. publisher of a number of trade publications called Sandhills Global. It publishes sites such as Truck Paper, RentalYard, Motorsports Universe and more. The Bleeping Computer news site says it’s been told that the Conti ransomware group is responsible.
There’s a new text messaging scam going around, the latest attempt by cybercrooks to trick people into installing malware on their smartphones. The anonymous text claims someone has uploaded your photos to a website without approval. It includes a link to the supposed website. Click on the link and a red warning notice pops up saying the phone has now been infected with the Flubot malware. To get rid of it you have to click on a button to install a security update. This is a scam. Clicking on the security update link installs malware. No one texts or emails links to security updates. If you get a message like this, close the page and delete the text.
External threat actors are the biggest cyber threat to organizations, but sometimes corrupt insiders take advantage of their positions. In one of the latest examples, a former U.S. Army contractor was sentenced last week to over 12 years in prison and ordered to pay $2.3 million in restitution for his role in a conspiracy that stole millions from bank accounts, pension payments and disability payments of current and former members of the armed forces. He did it by taking advantage of his online access to take screenshots of files of personnel. The birth dates, Social Security numbers, military ID numbers and more were used to access victims’ military accounts. Last year a co-conspirator was sentenced to four years.
Are you an Android or Java application developer? Looking for security and privacy problems is one of your responsibilities. Fortunately, Facebook has open-sourced a tool it uses for finding bugs in those apps. It’s called Mariana Trench, and you can download it from GitHub. There’s a link to it here.
Finally, users of the Google Chrome browser should make sure they’re running the latest version. Patches were released last week to fix serious holes. The version you should have starts with 94 and ends with .71.
That’s it for now. Remember, links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.