Friday Five 10/29
Apple fixes a critical SIP bypass and personal data protection becomes a fundamental right in Brazil - catch up on the infosec news of the week with the Friday Five!
1. Dark Web Drug Busts Lead to 150 Arrests by Brian Barrett
There's no shortage of dark web drug busts these days but it's interesting to see law enforcement pick up the breadcrumbs from busts and line up domino after domino of subsequent arrests. That's exactly what happened with DarkMarket, a marketplace that was shuttered in January. While there, authorities grabbed servers from Moldova and Ukraine and used the information within to pursue whoever was behind them. In this case, according to Wired, it came in the form of 150 arrests spread across eight countries; over 230 kilograms of drugs and the seizure of $31.6 million in cash and cryptocurrency. Referred to as Operation Dark HunTor by the US Justice Department and Europol, it's unlikely the action will have any major repercussions - these marketplaces pop up like weeds - but it will likely slow cybercriminals down in the near term.
2. Police arrest hackers behind over 1,800 ransomware attacks by Bill Toulas
Speaking of Europol, news of another bust in the region came this week when the organization announced that 12 individuals connected to ransomware strains like LockerGoga, MegaCortex, and Dharma have been arrested. The hackers are connected to attacks against 1,800 victims in 71 countries according to this Bleeping Computer report. The arrests, which happened on Wednesday, yielded five luxury vehicles, electronic devices, and $52,000 in cash.
3. Critical macOS vulnerability found to bypass SIP restrictions by Rene Millman
Details came out this week about what could have been a potentially nasty bug in macOS that was fixed by Apple after Microsoft, whose researchers uncovered it, reported it to them. The flaw, dubbed Shrootless by Microsoft, was in macOS' System Integrity Protection (SIP) and if exploited, could have let an attacker bypass SIP and execute arbitrary code. Apple's security advisory for the update, issued earlier this week, thanks Jonathan Bar Or of Microsoft for bringing it (CVE-2021-30892) to the company’s attention. As ITPro points out, following a SIP bypass, an attacker could really have their way with a system and install a rootkit or malware, or worse. Microsoft's blog post, written by Or, points out how valuable collaboration was to mitigating a cross-platform threat like this. "As cross-platform threats continue to increase, vulnerability discoveries, coordinated response, and other forms of threat intelligence sharing help enrich our protection technologies that secure users’ computing experience regardless of the platform or device they’re using,” Or wrote. The update was one of many that macOS, along with iOS and iPadOS received this week.
4. Microsoft aims to grow U.S. cybersecurity workforce by 250K by Hannah Mitchell
Some big numbers courtesy of Microsoft this week that help complement statistics making the rounds this month the cybersecurity workforce. The company said in a blog post this week that it plans to train 250,000 cyber workers by providing resources - a cybersecurity cirriculum - through community colleges. The company says the initiative should help cut the cybersecurity skills gap in half by 2025. Cyber Seek, a tech job-tracking database from the U.S. Commerce Department, said there are about 465,000 open positions in cybersecurity nationwide back in May 2021. That figure is actually higher than a report released this week by (ISC)², a nonprofit group that regularly puts on cybersecurity trainings, which said Tuesday the U.S. needs 377,000 to fill the gap. Whatever the number, Microsoft’s plan to train new blood could be a boon for the industry.
5. Personal data protection to become a fundamental right in Brazil by Angelica Mari
Some news from Brazil where the Brazilian Senate has passed a proposal to an amendment to the Constitution there that will make personal data protection a fundamental right in the country. According to ZDNet's Angelica Mari, there were no votes against the amendment. "The proposal establishes that the federal government is solely responsible for the organization and supervision of the protection and processing of personal data and has exclusivity in terms of legislation relating to the protection and processing of personal information," Mari writes. Brazil's version of the General Data Protection Regulation (GDPR), Lei Geral de Proteção de Dados (or LGPD) came into effect last year, in the middle of the COVID-19 pandemic, and helped define what constitutes personal data and created ten legal bases for lawful processing of personal data.