Security News for the Week Ending May 13, 2022
Chinese Sponsored OPERATION CUCKOOBEES Active for Many Years
Researchers with cybersecurity firm Cybereason briefed the FBI and Justice Department as early as 2019 about Operation CuckooBees, an alleged espionage effort by Chinese state-sponsored hackers (named Winnti or APT41) to steal proprietary information from dozens of global defense, energy, biotech, aerospace and pharmaceutical companies. The companies compromised include some of the largest companies in North America, Europe and Asia. These attacks go back to at least 2019, and the attackers have stolen intellectual property, R&D, diagrams of fighter jets, helicopters, missiles and more. Credit: The Record
Spain’s Spy Chief Fired After News She Hacked Spanish Politicians
I guess they don’t like it when you use the laws they created against them. It doesn’t appear that she did anything illegal. Got a court order and everything. But, it was them she was spying against. The other problem she had was that there were dozens of other government officials who were also spied on, but it is not clear by whom. That includes the PM and Defense Minister. Their phones were declared spyware-free – but were not. Credit: Security Week
EU Proposes to Kill Child Abuse by Killing Privacy
The challenge of curbing kiddie porn, sometimes referred to by the more polite term child sexual abuse material (CSAM), is a hard one. End-to-end encryption makes that even harder. One current EU proposal would require companies to scan all communications, meaning that end-to-end encryption would be banned. It won’t technically be banned; it would just be impossible to allow it and comply with the proposed regulations. The stupid pedophiles might be caught by this, but the smart ones would just encrypt the material before it is uploaded or use other methods. If we have learned one thing over the years, it is that bad guys adapt much more quickly than the law does. Of course, that material might stand out, but if they intentionally create a lot of chaff to hide what they are doing, it might not. A botnet could create terabytes of encrypted garbage in no time, making the job of the carriers impossible. The proposal also requires that providers read the text of every message and email, looking for signs of prohibited content. Credit: The Register
Colorado’s CBI Warns of Fraudulent Real Estate Transactions
My guess is that this is not limited to Colorado and this is not really a new scam, but the CBI says it is quickly ramping up. The scam is that a supposed out-of-state seller wants to sell a property, either with a house or vacant land, that currently doesn’t have a mortgage. The fraudster impersonates the owner looking for a buyer who wants a quick close. The whole transaction is being done remotely by mail with a fraudulent deed. Do your due diligence whether you are an agent or a buyer. Credit: CBI and Land Title Association
Mandiant Says Hackers Are Dwelling Inside for Fewer Days
Security firm Mandiant (soon to be part of Google) says that the number of days that hackers are lurking inside your systems continues to decrease. The time now stands at just 21 days. This is likely because hackers are worried about being detected before they can detonate their attack as companies and governments get more serious about fighting crime. That means that you don’t have as much time to detect the bad actors. Are you prepared? Credit: Data Breach Today