Friday Five: 5/29 Edition

by Amanda Brown on Friday May 29, 2020

Costa Rica's state bank deals with hackers, North Dakota's contact tracing app causes controversy, Google issues warnings of government-backed attackers - catch up on all the week's news with the Friday Five.

1. Hackers Leak Credit Card Info from Costa Rica’s State Bank by Ionut Ilascu

The hackers behind the Maze ransomware strain are claiming to have breached the Bank of Costa Rica (BCR). When the bank denied the intrusion, the group published what it claims is stolen credit card information on its “leak” site this week. The attackers said they shared the 2GB spreadsheet of payment card numbers because they are not looking to make any profit from it but instead are trying to draw attention to the bank’s security lapses. Screenshots from the database contain data for 50 to 100 cards, some with the last four digits removed, along with expiration data and verification codes for each. Maze operators on April 30 claimed to have more than 11 million cards from BCR, four million being unique and 140,000 belonging to US citizens. The group said they gained access to the bank’s network in August 2019 and again in February 2020, but the bank issued a public statement saying that after thorough investigation from internal and external specialists, they firmly confirm that the institution’s systems had not been violated.

2. North Dakota’s Contact Tracing App Sends User Data to Third Parties by Sarah Coble

North Dakota, like many other states and countries, has taken part in the effort to monitor the spread of coronavirus by building its own contact-tracing app – Care19. Now a cybersecurity company is claiming that the Care19 app is sending data to Foursquare and other third parties and exposing users’ identities. In the app’s privacy policy, users are assured that “location data is private to you and is stored securely on ProudCrowd, LLC's servers. It will not be shared with anyone including government entities or third parties, unless you consent or ProudCrowd is compelled under federal regulations.” The company is disputing North Dakota’s claim that the information uploaded via the app is 100% anonymous on the grounds that users who access the app via iPhone can be unmasked through the Identifier for Advertisers (IDFA) on their device. Foursquare confirmed that they do receive Care19 data, but they promptly discard the information sent via the app and do not use it for anything.

3. New Fuzzing Tool Finds 26 USB Bugs in Linux, Windows, MacOS and FreeBSD by Catalin Cimpanu

A research team of academics created a new “fuzzer” tool, USBFuzz, that's specifically designed to test the USB driver stack of modern-day operating systems. The application allows security researchers to send large quantities of random data as inputs to other programs and then analyze how the tested software behaves in order to discover new bugs. After investigating the USB driver stack employed by operating systems such as Linux, MacOS, Windows, and FreeBSD with USBFuzz, the researchers discovered 26 new vulnerabilities. Specifically, one bug was found in FreeBSD, three were in MacOS, four in Windows 8 and Windows 10, and a whopping 18 were found in Linux. Hui Peng and Mathias Payer, the researchers behind the project, reported the bugs to the Linux kernel team and plan to present their research at the Usenix Security Symposium virtual security conference, scheduled for August 2020.

4. Google Sees Resurgence in State-Backed Hacking, Phishing Related to COVID-19 by Anurag Maan and Kanishka Singh

Amid the coronavirus outbreak, researchers have seen a clear resurgence in hacking and phishing attempts related to the pandemic, and Google is no exception to that trend. Security experts from Google have sent over 1,700 warnings in the month of April to users whose accounts were being targeted by government-backed attackers. The company’s Threat Analysis Group has observed “hack-for-hire” firms creating Gmail accounts posing as the World Health Organization. These groups have been targeting business leaders, mostly in the financial services, consulting, and healthcare industries, in numerous countries including the United States, Slovenia, Canada, India, UK and more. Medical and healthcare professionals, including WHO employees themselves, have also been the targets of these attacks.

5. Riding the State Unemployment Fraud ‘Wave’ by Brian Krebs

The U.S. Secret Service is warning of a “massive fraud” campaign against state unemployment insurance programs as many U.S. states struggle to combat a flood of fake Pandemic Unemployment Assistance (PUA) claims. The warning noted that false filings from a well-organized Nigerian crime ring could cost U.S. states and the federal government hundreds of millions of dollars in losses. After the Secret Service published the warning, various underground forums and chat networks related to financial fraud lit up with activity. Many people are selling tutorials and “methods” on how to siphon unemployment insurance funds from different states and avoid getting the phony request flagged as suspicious. Unfortunately, many states have few controls in place to detect and stop suspicious behavior such as multiple payments going to the same bank account, or filings made for different people from the same internet address.
