Month: February 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it has compiled a list of free cybersecurity tools and services that can help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will also implement a process for organizations to submit additional free tools and services for inclusion on this list in the future.

The resources include guidelines on phishing assessment services, remote penetration tests, distributed denial-of-service (DDoS) protection, Project Shield, repositories for threat data, antivirus tools, forensics software, and backup services, among others.

CISO doesn’t endorse the resources for specific use case, so organizations would need to evaluate the tools and services listed to determine if they meet their needs.

Read more about it here.

The Federal Bureau of Investigation (FBI) issued an announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money. From January 2018 to December 2020, the FBI Internet Crime Complaint Center (IC3) received 320 complaints related to SIM swapping incidents with adjusted losses of about $12 million. In 2021, IC3 received 1,611 SIM swapping complaints with adjusted losses of more than $68 million.

SIM swapping is a malicious technique where cyber criminals target mobile carriers to gain access to victims’ bank accounts and virtual currency accounts. Criminal actors conduct SIM swap schemes using these techniques:
Social engineering, insider threat, or phishing techniques.

• Social engineering: Cyber criminals impersonate a victim to trick the mobile carrier into switching the victim’s mobile number to a SIM card in the criminal’s possession
• Insider Threat: Cyber criminals pay off a mobile carrier employee to switch a victim’s mobile number to a SIM card in the criminal’s possession.
• Phishing: Cyber criminals deceive mobile carrier employees into downloading malware used to hack the mobile carrier systems that handle SIM swaps.

“Once the SIM is swapped, the victim’s calls, texts, and other data are diverted to the criminal’s device. This access allows criminals to send ‘Forgot Password’ or ‘Account Recovery’ requests to the victim’s email and other online accounts associated with the victim’s mobile telephone number. Using SMS-based two-factor authentication, mobile application providers send a link or one-time passcode via text to the victim’s number, now owned by the criminal, to access accounts. The criminal uses the codes to login and reset passwords, gaining control of online accounts associated with the victim’s phone profile.”

The FBI recommends individuals take the following precautions:

• Do not advertise information about financial assets, including ownership or investment of cryptocurrency, on social media websites and forums.
• Do not provide your mobile number account information over the phone to representatives that request your account password or pin. Verify the call by dialing the customer service line of your mobile carrier.
• Avoid posting personal information online, such as mobile phone number, address, or other personal identifying information.
• Use a variation of unique passwords to access online accounts.
• Be aware of any changes in SMS-based connectivity.
• Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts.
• Do not store passwords, usernames, or other information for easy login on mobile device applications.

Read more about it here.

Office 365 and Azure Active Directory (Azure AD) customers were the targets of tens of billions of phishing emails and brute force attacks successfully blocked in 2021 by Microsoft.

“From January 2021 through December 2021, we’ve blocked more than 25.6 billion Azure AD brute force authentication attacks and intercepted 35.7 billion phishing emails with Microsoft Defender for Office 365,” said Vasu Jakkal, Corporate Vice President for Security, Compliance and Identity at Microsoft.

“Strong identity authentication, such as multifactor authentication (MFA) and passwordless solutions would make it a lot harder for threat actors to brute force their way into their targets’ Microsoft accounts,” Jakkal added.

“Across industries, only 22 percent of customers using Microsoft Azure Active Directory (Azure AD), Microsoft’s Cloud Identity Solution, have implemented strong identity authentication protection as of December 2021,” Jakkal said.

Microsoft introduced Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research.

Cyber Signals will provide trend analysis and practical guidance to strengthen the defense of its customers.

Read more about it here.