Weekly Security Roundup with Clinton Pownall

By Clinton Pownall, President & CEO, Computer Business Consultants

Gone Phishing: “Does that Forward Slash Look Funny to You?” Hackers have found yet another way to fool users into clicking on a link that unleashes malicious code. The trick involves simply switching one of the forward slashes in a URL prefix, characters so common that they are often ignored. While a normal URL begins with http://, this new attack changes the prefix to http:/\, a change that might not be noticed by e-mail scanners, which typically ignore this portion of the address, according to a report from GreatHorn Threat Detection. GreatHorn says the malformed URL prefix phishing attacks, which direct users to sites that look real but aren’t, were first spotted last fall and have increased by 6,000% since the beginning of 2021. GreatHorn reports the messages often impersonate a voicemail service, providing a link to click to hear a message. The report notes one website “even includes a reCAPTCHA, a common security feature of legitimate websites, showing the sophistication and subtlety of the attempted attack.”
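For mail filtering, the practical check is to flag any http(s) link whose separator is not exactly "//". The sketch below is an added example, not code from GreatHorn or the author; the function names and the example.test hostnames are constructed for illustration. It shows a strict "://" link extractor missing the malformed prefix while a tolerant pattern flags it and rewrites it the way browsers resolve it.

```python
import re

# Strict pattern used by many simple link extractors: requires the literal "://".
STRICT_URL = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Tolerant pattern: scheme, colon, then any mix of forward slashes and backslashes.
LOOSE_URL = re.compile(r"(https?):([/\\]+)([^\s\"'<>]+)", re.IGNORECASE)

# Constructed sample message body (hostnames are placeholders).
SAMPLE_BODY = (
    "You have a new voicemail. Listen here: http:/\\voicemail.example.test/msg?id=1\n"
    "Company portal: https://intranet.example.test/login\n"
)


def strict_extract(text):
    """Links a scanner sees if it only recognises the well-formed prefix."""
    return STRICT_URL.findall(text)


def find_malformed_prefix_urls(text):
    """Return (raw, normalized) pairs for links whose separator is not exactly '//'."""
    findings = []
    for match in LOOSE_URL.finditer(text):
        scheme, separator, rest = match.groups()
        if separator == "//":
            continue  # well-formed prefix, nothing to flag
        # Browsers treat '\' as '/' in http(s) URLs, so normalize the same way
        # before handing the link to reputation or sandbox checks.
        rest = rest.replace("\\", "/")
        findings.append((match.group(0), f"{scheme.lower()}://{rest}"))
    return findings


if __name__ == "__main__":
    print("strict extractor sees:", strict_extract(SAMPLE_BODY))
    for raw, normalized in find_malformed_prefix_urls(SAMPLE_BODY):
        print("flagged:", raw, "->", normalized)
```

Scanning the normalized form as well as the raw one means the destination still goes through the same URL checks as any other link.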


North Korea Using Cyber Thefts to Pay for Updating its Nuclear Arms. That’s the chilling report from the Associated Press, quoting experts at the United Nations. The AP reports that a panel of experts monitoring sanctions against North Korea recently reported that the country’s “total theft of virtual assets from 2019 to November 2020 is valued at approximately $316.4 million.” The report says North Korea is using these stolen cryptocurrency funds to evade economic sanctions imposed by the U.N. Security Council, and to procure weapons-building materials on the black market. The report says North Korea and Iran “have resumed cooperation on long-range missile development projects … said to have included the transfer of critical parts, with the most recent shipment associated with this relationship taking place in 2020.”


Iran “hides spyware in wallpaper, restaurant and games apps.” That’s the BBC headline about a recent report on Iran’s spying efforts on dissidents in 12 countries, including the UK and the U.S. Check Point, the security firm, discovered the Iranian efforts to install the spyware on home and work computers of some 1,200 specially targeted victims. The malicious code was buried in apps that took several guises: one mimicked an app for a restaurant in Tehran, another was an infected wallpaper app containing pro-Islamic State imagery, and another even posed as a mobile security app.


The Silver Sparrow Mac Mystery. Security experts are unusually puzzled over some malicious code that has shown up on some 30,000 Mac computers. Named Silver Sparrow, its presence is a bit like a whodunit mystery as researchers try to figure out how it got there and what its intentions are. According to a report in Bleeping Computer, researchers are mystified as to how the malware was distributed, quoting Thomas Reed of Malwarebytes as saying: “Other than the fact that it gets installed via an installer .pkg file, we have no idea. We don’t know how users would have initially found that installer.” Bleeping Computer quotes a report from Red Canary that says: “In addition, the ultimate goal of this malware is a mystery. We have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution.”


Ransomware and SolarWinds Put Insurers on Edge. I recently wrote an article, “Cyber Insurance 101: A Guide to Cyber Insurance,” so it was interesting to read that the New York State Department of Financial Services (DFS) has issued guidelines, in the form of a “cybersecurity insurance risk framework,” for insurers to help protect themselves against unforeseen losses when dealing with cybersecurity. CSO Online reports that the framework spells out a series of practices to help insurance companies manage their risk. These practices fall under seven categories:

  1. Establish a formal cyber insurance risk strategy
  2. Manage and eliminate exposure to silent cyber insurance risk
  3. Evaluate systemic risk
  4. Rigorously measure insured risk
  5. Educate insureds and insurance producers
  6. Obtain cybersecurity expertise
  7. Require notice to law enforcement

CSO Online notes that many insurers have already been implementing similar policies. In issuing its framework, which other states are expected to implement in varying forms, the DFS says: “From the rise of ransomware to the recently revealed SolarWinds-based cyber-espionage campaign, it is clear that cybersecurity is now critically important to almost every aspect of modern life—from consumer protection to national security.”


Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees, has a strong affiliation with various education groups and local school districts, and has served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He serves as a Vice President of the Board of Directors for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.