Friday Five: Another Cybercrime Market Taken Down, Addressing Open Source Software Security, and Fake Ransomware
Genesis Market is the latest victim in a string of law enforcement takedowns, the FDA and CISA are cracking down on medical devices and open-source software, respectively, and fake ransomware scams are on the rise. Catch up on all the latest in this week’s Friday Five!
NOTORIOUS GENESIS MARKET CYBERCRIME FORUM SEIZED IN INTERNATIONAL LAW ENFORCEMENT OPERATION BY AJ VICENS
An FBI-led effort known as “Operation Cookie Monster” led to the takedown of the reputable cybercrime forum known as Genesis Market, which was reportedly linked to “millions of financially motivated cyber incidents globally.” According to a recent statement from Europol, the operation involved 17 countries and resulted in 119 arrests, 208 property searches, and 97 “knock and talk measures.” Read more about Genesis Market, how to check if your email address was compromised, and what to do if you were affected.
THE FDA'S MEDICAL DEVICE CYBERSECURITY OVERHAUL HAS REAL TEETH, EXPERTS SAY BY NATE NELSON
The Food and Drug Administration released new guidance late last week concerning the cybersecurity of medical devices like insulin pumps and heart monitors, advising manufacturers to submit "a plan to monitor, identify, and address, as appropriate, in a reasonable time, postmarket cybersecurity vulnerabilities, and exploits." Manufacturers reportedly have until October 1, 2023, to implement the new changes, which, according to experts, may actually make a difference. Read why the cybersecurity of medical devices has been a long-standing issue in healthcare and when real change can be expected.
CISA DIRECTOR DETAILS PLAN TO ADDRESS SECURITY RISKS IN OPEN SOURCE SOFTWARE BY CHRIS RIOTTA
According to the Cybersecurity and Infrastructure Security Agency's Director, Jen Easterly, the agency is ramping up federal efforts to address security challenges associated with open-source software with a focus on collaboration between government and industry. CISA is reportedly hiring an open-source security lead and establishing new public-private sector initiatives through the Joint Cyber Defense Collaborative, which aims to identify and mitigate risks from open-source software to industrial control systems. “There is still an ability to download vulnerable – even malicious – code from” open source software libraries, said Easterly, “so that’s incredibly important and something we’re trying to move the ball on this year.”
FAKE RANSOMWARE GANG TARGETS U.S. ORGS WITH EMPTY DATA LEAK THREATS BY IONUT ILASCU
Attackers behind the name Midnight are taking advantage of legitimate ransomware authors to scam organizations into paying a ransom, while in reality, the attackers are not compromising networks or data in any way. Midnight reportedly began targeting organizations in the U.S. on March 16, if not earlier. “This method is cheap and easily conducted by low-skilled attackers. Much like 419 wire fraud scams, the scam relies on social engineering to extort victims by placing pressure on the victim to pay before a deadline. We expect this trend to continue indefinitely due to its cost-effectiveness and ability to continue to generate revenue for cybercriminals,” said investigators at Kroll.
MICROSOFT TIGHTENS ONENOTE SECURITY BY AUTO-BLOCKING 120 RISKY FILE EXTENSIONS BY RAVIE LAKSHMANAN
Following a growing number of reports that indicate OneNote is being used to deliver malware, Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in the note-taking application. Rather than prompting users with a warning that can be dismissed, Microsoft now intends to avoid this bypass entirely, instead displaying the message: "Your administrator has blocked your ability to open this file type in OneNote." Find out who will be affected by the change and which file extensions will be blocked in the full story from BleepingComputer.