Skip to main content

Friday Five 2/25

by Chris Brook on Monday August 22, 2022

Contact Us
Free Demo

Ransomware hits the industrial sector, behind the scenes of a stalkerware network, and more - catch up on the infosec news of the week with the Friday Five!

1. LockBit, Conti most active ransomware targeting industrial sector by Ionut Ilascu

Bleeping Computer takes a look at a new report via ICS/OT cybersecurity firm Dragos that outlines how appealing the industrial sector has become for ransomware groups, specifically the groups LockBit and Conti. It saw 211 attacks hit the manufacturing sector - a number that accounted for 65% of the attacks, followed by 35 against the food and beverage sector and 27 against the food and beverage business. While the report's breakdown of targets is interesting, its drilldown of issues they face - below - including lack of visibility, use of shared credentials, and whether they have devices with an external connection, is illuminating. It's reaffirming that nuclear facilities appear to be among the most secure the firm looked at.


Read more

2. CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool by Ionut Arghire

Another week, another heads up from United States Cybersecurity and Infrastructure Security Agency (CISA) on some critical flaws that if you're an administrator, deserve your attention. Especially if your organization runs Zabbix, an enterprise monitoring solution that lets IT track and monitor services, metrics, and so on. Two vulnerabilities in the platform could be exploited by an attacker to bypass authentication and gain administrator privileges, something which could then allow an attacker to execute arbitrary commands. As SecurityWeek notes, patches for the issues were released in December but CISA is pushing organizations to fix the issues now if they haven't as they're being exploited in the wild. Because of that, the bugs have been added to CISA's Known Exploited Vulnerabilities Catalog; the agency is asking organizations to fix the bugs in two weeks, by March 8.

Read more

3. Behind the stalkerware network spilling the private phone data of hundreds of thousands by Zack Whittaker

A good scoop here via Zack Whittaker and Techcrunch who on Monday shared that a series of shady spyware apps are plagued by the same vulnerability. The issue exists in a handful of spyware apps - all Android-based - that were found harvesting data from 400,000 phones around the world. The white label apps have pretty generic names - Copy9, MxSpy, TheTruthSpy, iSpyoo, SecondClone, TheSpyApp, ExactSpy, FoneTracker and GuestSpy - and all appear to be operated by the same company, 1Byte. The story was timed with a warning from Carnegie Mellon University’s Software Engineering Institute's CERT/CC about the issue, an Insecure Direct Object Reference vulnerability, that results in a failure to authorize API requests. While some of the apps aren't working anymore, some are. Techcrunch is in a tricky spot however, as it can't explain too much about the vulnerability as it doesn't want to jeopardize those who may have the spyware on their phone. If you think your phone is infected with the spyware however, it’s worth reading Techcrunch’s explainer on how to remove it.

Read more

4. Google Plans Privacy Changes, but Promises to Not Be Disruptive by Daisuke Wakabayashi

Speaking of Android, Google announced this week that its planning on limiting how much data its smartphones share on its users, across apps and third parties. The company claims it plans on making more subtle changes to its mobile operating system than Apple did with iOS when it changed its permission controls last year but that it still wants to find a way for developers to make money through advertising while respecting user privacy. While balancing the two can always be a tough ask, Google already has a head start if you consider the merits of Chrome’s Privacy Sandbox, a technology that forgoes cookies in favor of anonymized signals in a person’s browser to allow ad targeting and measure a user’s browsing habits.

Read more

5. Consumer data privacy moves to House floor despite Senate inaction by Renzo Downey

There's no shortage of data privacy bills working their way through statehouses across the country right now. This blog looks at one in Florida, introduced by the state’s House of Representatives, that's making moves, from the state's House Commerce Committee to the House Judiciary Committee. It's next step: the House floor. This legislation would give consumers the right to determine what information has been collected, delete or correct the data, and opt-out of the sale or sharing of that personal information. The law, HB 9, differs from FPPA in the Senate; FPPA would include an entity-wide exemption for financial institutions under the GLBA while HB 9 has a partial entity-wide exemption.

Read more

Tags:  Industry Insights Ransomware Manufacturing Data Privacy

Recommended Resources

The Definitive Guide to DLP

All the essential information you need about DLP in one eBook.

The Ultimate Guide to Data Protection

Everything you need to know about data protection but were afraid to ask.