Friday Five: New Cyber Guidelines and Legislation, Cybercriminal Activity, & Malware Targeting macOS
Read up on the latest cybersecurity legislation, a new executive order from the Biden Administration, the fight against cybercrime, and a new malware affecting Mac users. Find these stories and more in this week’s Friday Five!
SENATE COMMITTEE ADVANCES OPEN SOURCE SOFTWARE AND DIGITAL IDENTITY BILLS BY CHRIS RIOTTA
The Senate Homeland Security and Governmental Affairs Committee advanced a series of bills this past week that aim to improve government operations around data management, digital identity, and securing critical infrastructure from cyber attacks. The advanced bills include the Securing Open Source Software Act of 2023, the National Risk Management Act of 2023, the Improving Digital Identity Act of 2023, the Federal Data Center Enhancement Act of 2023, and others. Read more on what this legislation could accomplish once made into law in the full story from Chris Riotta.
EXECUTIVE ORDER SETS UP GUARDRAILS FOR US USE OF COMMERCIAL SPYWARE BY TONYA RILEY
President Biden signed an executive order on Monday that prohibits U.S. government agencies from using commercial spyware that presents a national security risk to the United States. Such spyware has been said to have targeted at least 50 U.S. personnel in ten countries across several continents. Rather than providing an outright ban on U.S. agencies using spyware, however, the executive order seeks to prevent the use of products deemed unacceptable by the U.S. government, while keeping the door open to the use of other commercial surveillance products.
FAKE DDOS SERVICES SET UP TO TRAP CYBERCRIMINALS BY CHRISTOPHER BOYD
According to a recent announcement by the UK's National Crime Agency (NCA), the agency has disrupted the online criminal marketplace by setting up a number of trap sites purporting to offer DDoS-for-hire services. While an unsuspecting cybercriminal may assume that they're setting up an account to access DDoS tools, in reality, they'll be redirected to a splash page warning them that their data has been collected and they will be contacted by law enforcement. Read more about how this tactic is connected to Operation Power Off and how the goal of the tactic is to deter inexperienced cybercriminals.
NORTH KOREA'S KIMSUKY EVOLVES INTO FULL-FLEDGED, PROLIFIC APT43 BY ELIZABETH MONTALBANO
Cybercriminal group Kimsuky, otherwise known as APT43 and Thallium, has recently carried out "unusually aggressive" social-engineering attacks aimed at gathering intelligence from American, South Korean, and Japanese targets, along with stealing and laundering cryptocurrency to support the North Korean government. Researchers at Mandiant have found that the group has graduated from mere cyber espionage to stealing cryptocurrency to fund its own operations and the regime of Kim Jong-un. Read more about Kimsuky's new tactics and who they're targeting in the full story from Elizabeth Montalbano.
NEW MACSTEALER MACOS MALWARE STEALS PASSWORDS FROM ICLOUD KEYCHAIN BY BILL TOULAS
A new info-stealing malware-as-a-service (MaaS) dubbed 'MacStealer' is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers, cryptocurrency wallets, and potentially sensitive files. The seller claims the malware is still in an early beta development phase and offers no panels or builders; instead, the seller offers pre-built DMG payloads that can infect macOS Catalina, Big Sur, Monterey, and Ventura. Once the victim enters their system password into a fake password prompt, a command allows the malware to collect passwords from the compromised device.