Friday Five 12/2
World Cup scams and other international cybercrimes took the headlines this past week. Read about these threats and more in this week’s Friday Five!
1. WAVE OF CYBER-ENABLED SCAMS TARGET FIFA WORLD CUP FANS BY AJ VICENS
Researchers found that World Cup scams have rapidly increased this past week, with cybercriminals seeking to harvest personal information and steal money from people trying to buy merchandise or tickets online or find work on-site in Qatar. Along with fake ticket and merchandise sites, researchers have found roughly 40 fake apps in the Google Play store and have observed the use of info-stealing malware like Redline and Erbium. Read more about the extent of these scams and when they first started appearing.
2. MAJORITY OF DEFENSE CONTRACTORS FAIL TO IMPLEMENT CRITICAL CYBERSECURITY REQUIREMENTS, REPORT SAYS BY CHRIS RIOTTA
According to a report published this past Wednesday, which assesses the state of cybersecurity maturity across the Defense Industrial Base, a majority of defense contractors are failing to meet Defense Federal Acquisition Regulation Supplement requirements in a trend that poses "a direct threat to national security." More specifically, an estimated 73% of contractors have failed to implement an endpoint detection and response solution, while 79% lack a comprehensive multi-factor authentication system. Furthermore, 87% of defense contractors fall below a score of 70 on the Supplier Performance Risk System, a tool used to track whether contractors are complying with DFARS requirements.
3. GLOBAL CYBER-ENFORCEMENT OP NETS $130M, SAYS INTERPOL BY ROBERT LEMOS
A large-scale international operation led by Interpol's National Central Bureaus (NCBs) has resulted in nearly a thousand arrests and a net of $130 million in seized virtual assets. The investigations, which took place between June 28 and Nov. 23, were dubbed Operation Haechi III and tracked money laundering, cyber-enabled fraud, and other financial crimes in 30 countries. Read more about Interpol's efforts to curtail such crimes and what the head of Interpol's National Central Bureau had to say about the results of the operation.
4. CHROME, DEFENDER, AND FIREFOX 0-DAYS LINKED TO COMMERCIAL IT FIRM IN SPAIN BY DAN GOODIN
According to a recent report from Google’s Threat Analysis Group (TAG), a Spanish IT firm known as Variston IT has been linked to software frameworks that provide everything a customer needs to surreptitiously install spyware. The frameworks were reportedly capable of exploiting n-days and 0-days in Chrome, Windows Defender, and Firefox. According to the researchers, “commercial spyware puts advanced surveillance capabilities in the hands of governments who use them to spy on journalists, human rights activists, political opposition, and dissidents.”
5. CYBERSECURITY RESEARCHERS TAKE DOWN DDOS BOTNET BY ACCIDENT BY SERGIU GATLAN
Per a report from earlier in November by the Akamai Security Intelligence Response Team (SIRT), KmsdBot malware was discovered behind a cryptomining botnet, and in the researchers' attempt to analyze its capabilities, they accidentally deactivated the entire botnet. According to one of Akamai's vulnerability researchers in their new report, they were able to "send commands to the bot to test its functionality and attack signatures" in a controlled environment. But, "as part of this analysis, a syntax error caused the bot to stop sending commands, effectively killing the botnet."