NEW BILL WOULD CREATE A GOVERNING BODY FOR WATER SYSTEM CYBER STANDARDS BY DAVID DIMOLFETTA
The Water Risk and Resilience Organization Establishment Act, led by Representatives Rick Crawford and John Duarte, proposes creating an entity to work with the EPA in developing cybersecurity requirements for water treatment and wastewater systems. This measure responds to recent cyber incidents targeting the water sector and aims to enhance protections against threats. Following industry feedback, the proposed body would develop and enforce cyber requirements for covered water systems, subject to EPA approval, addressing vulnerabilities highlighted by foreign adversaries targeting critical infrastructure. The EPA and National Security Council have urged vigilance against cyber threats to water sector infrastructure, emphasizing the need for improved cybersecurity practices.
LOCKBIT 3.0 VARIANT GENERATES CUSTOM, SELF-PROPAGATING MALWARE BY JEFFREY SCHWARTZ
LockBit ransomware-as-a-service (RaaS) group targeted an organization in West Africa using a new variant of its LockBit 3.0 builder leaked in 2022. During the attack, the threat actors used stolen credentials to infect multiple hosts, disabling Windows Defender, encrypting network shares, and deleting Windows Event Logs. Researchers identified this variant as highly concerning due to its ability to generate custom, self-propagating ransomware, and can also reportedly target specific systems and files, allowing attackers full control over the victim's infrastructure. Organizations are urged to implement various security measures, including antimalware software, managed detection and response solutions, vulnerability assessments, backups, network segmentation, MFA, application whitelisting, and an incident response plan.
LABHOST PHISHING SERVICE WITH 40,000 DOMAINS DISRUPTED, 37 ARRESTED BY BILL TOULAS
LabHost, a phishing-as-a-service (PhaaS) platform, was disrupted in a global law enforcement operation lasting a year, resulting in the arrest of 37 suspects, including the original developer. Launched in 2021 and identified as a popular PhaaS platform by Fortra's own researchers this past February, LabHost allowed cybercriminals to launch phishing attacks with ease, offering infrastructure for hosting phishing pages and automated email generation. Europol's investigation revealed 40,000 phishing domains linked to LabHost, with 10,000 users worldwide paying a monthly fee averaging $249. LabHost's standout tool, LabRat, enabled attackers to capture 2FA tokens. During simultaneous searches in April 2024, police forces worldwide arrested suspects and seized servers hosting LabHost websites, finding that LabHost had stolen 480,000 credit cards, 64,000 PINs, and one million passwords. Despite a major outage last year, LabHost resumed operations in December 2023, raising questions about its connection to law enforcement activities.
HOUSE PASSES BILL TO LIMIT PERSONAL DATA PURCHASES BY LAW ENFORCEMENT, INTELLIGENCE AGENCIES BY DEREK B. JOHNSON
The House passed the "Fourth Amendment Is Not For Sale Act," which prohibits law enforcement and intelligence agencies from purchasing personal information without a court order. Introduced by Rep. Warren Davidson, the bill received bipartisan support and aims to protect digital privacy. Privacy advocates hope the Senate will swiftly pass the measure, however, the bill faces opposition from the White House, which considers it "unworkable" and "devastating" to homeland security. Despite the bill's passage, its future in the Senate remains uncertain.
EX-WHITE HOUSE CYBER OFFICIAL SAYS RANSOMWARE PAYMENT BAN IS A WAYS OFF BY MATT BRACKEN
During a House Financial Services subcommittee hearing, former White House cyber official Kemba Walden discussed the challenges of implementing a ransomware payment ban, citing the vulnerability of small to mid-sized businesses. Megan Stifel echoed, advocating for support for small businesses targeted by cyberattacks. Witnesses highlighted the need for secure-by-design products, improved information-sharing, and incentives for cyber hygiene practices. Addressing workforce shortages and fostering global collaboration were seen as crucial steps. Walden emphasized the importance of communication between federal investigators and tech companies to combat ransomware threats effectively.
