Friday Five 10/16 | Digital Guardian

The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls

Digital Guardian's Blog

Friday Five 10/16

by Colin Mullins on Friday October 16, 2020

Contact Us
Free Demo

Botnet disruptions, ransomware, and insensitive cybersecurity ads - catch up on the week's infosec news with the Friday Five!

1. As Voters Cast their Ballots, Courts Nationwide Issue Election Security Edicts by Tim Starks 

Legal battles with election security implications are taking place across the country as historic early voting is underway. The results of the cases have real-world implications. After two key court rulings in Georgia, there were reports of voters waiting up to ten hours in line to vote. The rulings in question had to do with the denial of two motions; one to scuttle touch screen voting machines over cybersecurity concerns; the other to require a specific number of emergency ballots to be on hand at Georgia polling sites. Across the country, there are also numerous legal fights over absentee ballot drop boxes and other issues pertaining to the increase in voting by mail. Court cases with election integrity and security implications are sure to continue during this contentious and litigious election season.

Read more

2. Microsoft Uses Trademark Law to Disrupt Trickbot Botnet by Brian Krebs

Microsoft has carried out a coordinated legal attack in an attempt to disrupt the malware as a service botnet Trickbot. A court in Virginia granted Microsoft access to numerous infected servers with the justification that the botnet has violated Microsoft’s trademarks. The legal attack comes on the heels of the US Cyber Command’s announcement that it had carried out its own attack on Trickbot. Trickbot has been used to steal passwords from millions of computers and hijack more than 250 million email accounts. Trickbot is also closely associated with deploying destructive ransomware, such as Ryuk. Even if these attacks only temporarily disrupt Trickbot, it’s always positive to see the private and public sector pushing back against destructive entities in the cybersecurity world.

Read more

3. Gov-Linked "Fatima" Cybersecurity Career Advert Removed After Backlash by Dan Raywood

A campaign to attract more people into careers in cybersecurity has been removed after coming under criticism for being insensitive. The ad featured a ballet dancer named “Fatima” and displayed copy stating, “her next job could be in cyber – she just doesn’t know it yet.” The ad drew furor after it was announced that the UK Government was encouraging those in the performing arts to retrain for other careers. The ad was widely viewed as tone-deaf as it seemed to disparage a career in the arts. Following the ad’s removal, everyone tangentially connected denied involvement, passed blame, and made statements expressing regret that the ad was published. Though there is a large gap between the pool of talent and jobs in cybersecurity, the only way to fill that shortage is with genuinely interested people, not through shaming or economic necessity.

Read more

4. Facebook, Twitter Aim to Slow Spread of New York Post article amid disinformation concerns by Jeff Stone

Social media companies are trying to limit the spread of a New York Post story while they try to verify its veracity. The story claims to reveal evidence of corruption by the former Vice President, and current Democratic nominee for president, Joe Biden. Facebook, and other social media giants, trying to learn lessons from the 2016 election, are taking steps to limit the spread of stories that could contain potentially false information intended to sway political opinion during the election season. Twitter's justification for stopping users from sharing links to the article was that it violates their policy of sharing information that has been obtained through hacking. The story is a big moment for social media companies to prove that they learned lessons from the 2016 election and is the latest development in their struggle to confront the tension between free speech and the responsibilities of being a publisher.

Read more

5. This major criminal hacking group just switched to ransomware attacks by Danny Palmer

FIN11, a financially motivated hacking group that targets organizations with phishing and malware has now switched to ransomware attacks. The change in approach is emblematic of how ransomware has become a cash cow for cybercriminals. As it’s been around since 2016, FIN11 has extensive networks through which to deliver ransomware. Currently, the group's favored method of attack is Clop ransomware and demanding Bitcoin to restore the network. A switch to ransomware is also appealing because it can be deployed against nearly any organization, while POS malware is only effective against certain targets. The primary motivation for cybercriminals continues to be financial. If ransomware is the most versatile and profitable tool in a cybercriminal’s arsenal, its recent surge shouldn’t be surprising.

Read more


Tags: Election, Ransomware