This week’s Cyber Security Headlines – Week in Review, June 28-July 2, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Gerhard Rickert, VP, Information Security, Central Pacific Bank

Cyber Security Headlines – Week in Review is live every Thursday at 4pm PT/7pm ET. Join us each week by registering for the open discussion.

Fast, reliable broadband is now a key selling point for UK house hunters

Research from online real estate agency Purple Bricks found that 41% of potential buyers in the UK now place speed of broadband internet connectivity as top priority when buying a home, more than the proximity to schools, transit, stores and restaurants. This change is being seen as another indicator of growing interest in working from home as a more permanent arrangement for many. And a surge of interest in people wanting to move to the country has been coupled with demand for good internet in areas that might otherwise have weak connections, to a point that telecom companies are becoming involved in purchase negotiations, offering plans for connectivity upgrades.

(The Guardian)

Western Digital removed code that would have prevented the wiping of petabytes of My Book data

Following up on a story we brought you on Monday, it appears week’s mass-wiping of Western Digital My Book Live storage devices involved the exploitation of not just one vulnerability but also a second critical security bug that allowed hackers to remotely perform a factory reset without a password, an investigation shows. Reading the vulnerable code itself, shows that a Western Digital developer actively removed sections that required a valid user password before allowing factory resets to proceed.

The PC Health check tool  that had initially caused this confusion has been temporarily pulled. Microsoft “will get it back online in preparation for general availability this fall.” 

(Microsoft)

Thanks to our episode sponsor,
Keyavi

Worried about being the next ransomware victim, like Colonial Pipeline? Cyber criminals stole gigabytes of data before their first extortion attempt, demanding payment to decrypt Colonial’s information. Despite a multi-million-dollar ransom payment, the pipeline’s stolen data is in the hands of these attackers forever. Head to www.keyavi.com/sessions to learn more about protecting data from extortion attempts.

US States consider outlawing ransomware payments

Conventional security wisdom has consistently said not to pay ransomware demands. The FBI has also consistently tried to discourage the practice. Now in the wake of the Colonial Pipeline attack and subsequent ransom payment, New York, Pennsylvania, North Carolina, and Texas are all considering bills that would put legal barriers in the way of paying ransoms. New York is the only state considering barring private sector businesses from paying ransoms. The other three states, and a separate bill in New York, would bar paying a ransom with state and local taxpayer money or other public money. The hope is such bills would reduce the financial incentive of attackers targeting the public sector. 

(CSO Online)

Data for 700 million LinkedIn users posted for sale 

On the heels of the loss of 500 million records in April, a new posting with 700 million LinkedIn records has appeared on the popular hacker forum RaidForums, according to researchers. from Privacy Sharks. An ad posted June 22, claims that the records are included in the cache, and included a sample of 1 million records as proof. According to LinkedIn, no breach of its networks has occurred this time, either, so the scraping of public profiles is a likely source. Though no financial information was released, the data is prime raw material for identity theft, spam, brute force attacks and social engineering.

(Threatpost)

House lawmakers introduce American Cybersecurity Literacy Act to mitigate cyber risks

A bipartisan group of representatives introduced legislation that mandates the National Telecommunications and Information Administration (NTIA) to set up a cyber literacy campaign to bring awareness on online security and prevention of potential cyberattacks. The awareness programs include basic security lessons on how to detect phishing emails, the importance of strong passwords, using multi-factor authentication, and risks associated with the public internet.

(CisoMag)

PoC exploit accidentally leaks for dangerous Windows PrintNightmare bug

In what looks to have been an accident, an in-depth technical write-up and a fully working PoC exploit were shared on GitHub yesterday. Focusing on a vulnerability in the Windows Print Spooler service that can allow a total compromise of Windows systems. Initially this bug was categorized as a low-importance vulnerability, but Microsoft last week updated its description to classify it as a remote code execution issue that could be remotely exploited to allow attackers to take full control of unpatched Windows systems. The GitHub repo was been taken offline after a few hours, but not before it was cloned by several other users.

(The Record)

Maine passes strong facial recognition ban

The law is the strongest state prohibition on the technology, largely forbidding government use of facial recognition. There are some exemptions, the largest permitting its use by police who have probable cause that an unidentified person in an image committed a serious crime, or for proactive fraud prevention. Maine’s police do not have access to facial recognition databases, so in these instances, the searches would be run by the FBI and Maine Bureau of Motor Vehicles. The law also gives Maine citizens the right to sue if improperly targeted by government facial recognition. Washington is the only other state with a facial recognition ban, although Virginia and Massachusetts have also passed bans on police using the technology. 

(The Verge)