
Ever wonder why staying vigilant in cybersecurity is like playing whack-a-mole? Let’s dive into some wild stories that highlight the need to always be on the lookout! From hackers using legitimate websites to spread malware, to the humorous and slightly terrifying saga of employees using mouse jigglers to fake work, to cyberattacks from space, there are a lot of reasons why we should always keep our guard up in the wild world of cybersecurity!
In this episode:
Always BOLO – Ep 465
Today’s Episode is brought to you by: Kardon and HIPAA for MSPs with Security First IT
HIPAA Say What!?!
[04:54] Opinion Order AHA vs OCR web tracking technologies
Federal court sides with AHA on web tracking suit
Always BOLO
[09:05] Never think you have thought of everything – there are always other places you should be looking. One of the things we do is watch for news stories that make us think about things we may have overlooked. Here are a few recent ones that grabbed our attention.
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
Hackers use compromised legitimate websites to distribute the BadSpace Windows backdoor via fake browser updates. They gather user data and deliver malware through multi-stage attacks.
Here is how this works:
- Hackers find a way to break into a website that people trust and use regularly.
- They add some code that prompts you to do what looks like a normal browser update.
- When a user goes to the site, a pop-up says the browser needs updates and the user just goes with it, which then downloads some malware.
- That malware quickly runs and opens up a backdoor they can use to access that computer and take control of it. Then the malware disappears. The backdoor is there for anything they want to do from then on.
You need to worry about two things here – your users falling for it AND your website being the one that gets infected and spreads the malware.
[18:47] Over a dozen Wells Fargo employees were fired for using mouse jigglers and keyboard simulators to fake work. What are they really doing while they are faking work? Maybe nothing malicious, but if they are running this software while connected to their work systems…
[24:01] A disgruntled ex-employee caused over $600,000 in damages by deleting all 180 test servers, demonstrating the severe impact of insider threats. He worked at NCS (National Computer Systems), which is a major IT services firm in South-East Asia and is headquartered in Singapore.
Dude gets fired and later discovers he still has access to the systems and servers. We have heard this before, but wow, was this one bad…
Between January and March 2023 he was able to get in there and even develop and test his plan for deleting servers without anyone seeing him! Once he Googled how to do it and started testing, you would think something would get triggered, but I guess not!
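One check that would have fired in a case like this is comparing authentication logs against offboarding records. The sketch below is an added example, not from the episode or from NCS; the log format, the account names and the termination date are all constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Constructed offboarding records: account -> termination time (UTC).
TERMINATED = {"jdoe": datetime(2022, 12, 1, 17, 0, tzinfo=timezone.utc)}

# Constructed auth log lines in a hypothetical key=value format.
SAMPLE_LOG = """\
2022-11-10T09:02:11Z login user=jdoe src=10.0.4.21 result=success
2023-01-06T23:41:02Z login user=jdoe src=203.0.113.50 result=success
2023-01-07T08:15:40Z login user=mlee src=10.0.4.33 result=success
2023-02-19T01:12:55Z login user=jdoe src=203.0.113.50 result=failure
2023-03-18T22:05:17Z login user=jdoe src=203.0.113.50 result=success
garbage line that should be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>\w+)$"
)

def post_termination_logins(log_text, terminated):
    """Return one alert per login attempt made after the account's termination."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        ended = terminated.get(m["user"]) if m else None
        if ended is None:
            continue  # unparseable line, or an account that is still active
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if ts > ended:
            alerts.append({
                "user": m["user"], "time": ts, "src": m["src"],
                # A success means the account or credential was never disabled.
                "severity": "critical" if m["result"] == "success" else "warning",
                "days_since_termination": (ts - ended).days,
            })
    return alerts

if __name__ == "__main__":
    for a in post_termination_logins(SAMPLE_LOG, TERMINATED):
        print(a["severity"], a["user"], a["time"].isoformat(), a["src"],
              f'{a["days_since_termination"]}d after offboarding')
```

Even a failed attempt from a terminated account is worth an alert, since it shows someone is still trying the credential.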
[30:29] ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
ASUS patched a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access, emphasizing the importance of regular security updates. How would you even know how many of these may be deployed in the homes of your staff?
On June 20, 2024, Censys said it has observed over 147,000 exposures of ASUS routers that are potentially vulnerable to CVE-2024-3080, noting the estimate is “likely an underestimation.”
Sidebar: What do all the alerts about vulnerabilities really mean?
[34:33] HC3: Monthly Cybersecurity Vulnerability Bulletin June 13, 2024 TLP:CLEAR Report: 202406131200
CISA KEV Catalog – 14 new ones in May.
Known Exploited Vulnerabilities Catalog | CISA
What do these terms that get tossed around about vulnerabilities really mean, or at least what should you understand about them?
CVE Details website is very helpful in finding.
CVE – Common Vulnerabilities and Exposures. Identified cybersecurity vulnerabilities that can be publicly announced are submitted, and each one is assigned a CVE ID for tracking.
CVSS – Common Vulnerability Scoring System is a score assigned to help us know how bad it is on a scale of 1 to 10, with 9 or higher deemed to be Critical.
EPSS – Exploit Prediction Scoring System gives the likelihood of this vulnerability being exploited in the wild based on what we know right now. This score is between 0 and 100%. There can be an exploit published but not used.
Once it is used, it gets added to the CISA KEV catalog. These are the ones you want to be sure someone is handling.
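To show how the three signals work together when deciding what to patch first, here is an added example (not from the episode or from any of the tools named). The findings, the placeholder CVE ids, the KEV stand-in set and the EPSS cut-off are all constructed assumptions.

```python
# Constructed scanner findings; the CVE ids are placeholders, not real entries.
FINDINGS = [
    {"cve": "CVE-0000-0001", "cvss": 9.8, "epss": 0.02, "asset": "lab-printer"},
    {"cve": "CVE-0000-0002", "cvss": 7.5, "epss": 0.04, "asset": "vpn-gateway"},
    {"cve": "CVE-0000-0003", "cvss": 6.1, "epss": 0.61, "asset": "patient-portal"},
    {"cve": "CVE-0000-0004", "cvss": 5.3, "epss": 0.01, "asset": "front-desk-pc"},
]

# Constructed stand-in for the ids listed in the CISA KEV catalog.
KEV_IDS = {"CVE-0000-0002"}

EPSS_THRESHOLD = 0.10  # assumption: a local cut-off, not an official value
CRITICAL_CVSS = 9.0    # the "9 or higher" Critical band described above

def tier(finding, kev_ids):
    """Return (rank, reason); a lower rank is handled first."""
    if finding["cve"] in kev_ids:
        return 1, "known exploited (KEV)"
    if finding["epss"] >= EPSS_THRESHOLD:
        return 2, "exploitation likely (EPSS)"
    if finding["cvss"] >= CRITICAL_CVSS:
        return 3, "critical severity (CVSS)"
    return 4, "routine patch cycle"

def prioritize(findings, kev_ids):
    """Order findings by tier, then by EPSS and CVSS, highest first."""
    ranked = []
    for f in findings:
        rank, reason = tier(f, kev_ids)
        ranked.append({**f, "tier": rank, "reason": reason})
    ranked.sort(key=lambda f: (f["tier"], -f["epss"], -f["cvss"]))
    return ranked

if __name__ == "__main__":
    for f in prioritize(FINDINGS, KEV_IDS):
        print(f["tier"], f["cve"], f["asset"], f["reason"])
```

Note that the 7.5 finding on the KEV list outranks the 9.8 finding that nobody is exploiting, which is the practical reason to track all three signals and not CVSS alone.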
[40:17] Space: The Final Frontier for Cyberattacks
Cyberattacks targeting satellites and space infrastructure can disrupt communications, navigation, and even national security.
Here are a few concerns to consider about what hackers getting control of satellites or their hardware could mean:
First, they get on the production team for companies that build all the different systems that these satellites use. Then they can take the time to work their way into a position with enough access to embed malware in satellite hardware before it is ever launched.
Once the satellite is in use, they can do all kinds of things. Who knows who the satellite companies may be developing for when one or two of them get infected.
- Manipulate the paths of the satellites or disrupt their ability to transmit data.
- Spoof the GPS information so everything that relies on it will go who knows where.
- Intercept sensitive government or commercial information that could be used for attacks in other ways.
After hearing these wild security tales, do you see why it’s crucial to always be on the lookout in the digital world? Whether it’s dodging malware on a seemingly safe site, dealing with sneaky mouse jigglers, or safeguarding your website from hackers, it pays to stay vigilant. Keep your digital guard up, folks, because you never know what might be lurking around the corner in cyberspace.


