The Industry’s Only SaaS-Delivered Enterprise DLP
Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.
No-Compromise Data Protection is:
- Cross Platform
- Flexible Controls
iOS zero days, the state of U.S. chipmaking, and the disruption of a phishing ring - catch up on all of the week's infosec news with the Friday Five!
1. iOS zero day let SolarWinds hackers compromise fully updated iPhones by Dan Goodin
It was revealed this week that the Russian state hackers behind the Solar Winds attack also tried to steal web authentication credentials from Western European governments using iOS zero days. The then unknown vulnerability was exploited by sending messages to government officials on LinkedIn. The campaign also showed similarities to one involving the USAID in which hackers sent emails that looked like they were coming from the agency. The news is part of the increase in zero days this year, a surge driven by private companies entering the lucrative space.
2. The US Needs to Get Back in the Business of Making Chips by Will Knight
In this story, Will Knight looks at the much discussed shortage of computer chips in the U.S. This shortage stems from the fact that the percent of computer chips made in the U.S. has decreased from 37% of the total worldwide in 1990 to 12% in 2019. The supply chain issues created by COVID-19 have laid bare the risks of a lack of domestic chip manufacturing. The shortage isn’t just in manufacturing, on the innovation and design side, the U.S has also woefully fallen behind. Recently, the U.S. government has taken steps to address the problem, including more funding for the semiconductor industry.
3. European Authorities Bust Phishing Ring by Chris Brook
In another win for European Law Enforcement, a phishing network that had reportedly cost consumers over $2 million was shuttered. Victims of the phishing ring were tricked into downloading malware onto their devices, which displayed fraudulent ads for items. Once entering the fake pages, consumers’ payment information was routed to scammer’s bank accounts. The arrests and discovered accounts revealed that the phishing ring operated across a wide swath of Europe. The phishing network disruption comes on the heels of the shutdown of a prominent VPN used by cybercriminals and at least in the short term, the dual actions should hopefully disrupt cybercrime.
4. REvil ransomware gang's web sites mysteriously shut down by Lawrence Abrams
The website and infrastructure for the REvil ransomware group mysteriously went down this week. One interesting detail is that the decoder[.]clear website was not resolvable by DNS queries, which may have been an indication that the DNS records had been pulled or the DNS infrastructure had been shut down. There were numerous rumors about why the site was down, one prominent rumor held that the ransomware gang had erased their servers after hearing about a government subpoena. The shutdown of the site comes amidst the REvil gang’s high profile attack against Kaseya a few weeks ago and the Biden administration’s tougher stance against ransomware.
5. Beyond Kaseya: Everyday IT Tools Can Offer 'God Mode' for Hackers by Andy Greenberg
This story examines the risks posed by hackers targeting the tools used to remotely manage IT systems which can provide an avenue for cybercriminals to access networks. In short, many of the tools that allow administrators to easily manage large networks can be leveraged by attackers to cause significant damage or gain access to networks. An upcoming talk at the security conference Black Hat is going to highlight another such risk, in this case using the popular tool Jamf to hijack Macs. The threat from tools used in remotely managed IT systems is not going away and network administrators will have to reimagine their security systems and protocols to manage the threat.