Cyber Security Headlines Week in Review: North Korea hacks 3CX, DISH ransomware lawsuits, Genesis Market seized

This week’s Cyber Security Headlines – Week in Review, April 3-7, is hosted by Rich Stroffolino with our guest, Rich Gautier, former CISO, Department of Justice, Criminal Division

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

More evidence links 3CX supply-chain attack to North Korean hacking group

The supply-chain attack on the enterprise phone company 3CX used hacking code that “exactly matches” malware previously seen in attacks by a notorious North Korean group, according to new analysis. Sophos added more evidence Friday to this attribution, saying that a shellcode loader the attacker used has only previously been seen in incidents attributed to the Lazarus Group. They continued, “it’s clear the perpetrators were able to compromise the installation in a way that users unknowingly downloaded not only the original application but also additional malicious code.” The hackers secretly modified these apps so they executed malicious commands in the background, downloading malware that allowed them to steal sensitive information from the web browsers on users’ computers.
(The Record)

DISH slapped with multiple lawsuits after ransomware cyber attack

Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company’s multi-day “network outage.” These class action lawsuits, filed across different states, allege that DISH “overstated” its operational efficiency while having a deficient cybersecurity and IT infrastructure. The legal actions aim to recover losses faced by DISH investors who were adversely affected by what has been dubbed a “securities fraud.”
(Bleeping Computer)

The security costs of remote work

The security firm Lookout released its State of Remote Work Security Report, which included survey results on how the pandemic-fueled practice of remote work impacts security. The report found that 92% of remote employees perform work tasks on personal devices, while 32% of remote and hybrid workers use apps not approved by IT. As a result of both practices, corporate data is increasingly being accessed by means not visible to IT or security, increasing the risk profile of an organization. The report also found that 90% of remote workers access corporate networks from areas outside their home, with an average of five locations. Forty-five percent of respondents said they used the same password for work and personal accounts.

(IT Security Guru)

DoD wants you to “Hack the Pentagon”

The US Department of Defense launched a new Hack the Pentagon website. This will serve as a companion for the Pentagon’s existing bug bounty program, which began in 2016. This will expand those efforts, as the bug bounties will shift from a project-by-project basis and help departments within DoD run continuous bug bounty programs. These programs will still only allow contributions from vetted security researchers, although the site could make it easier to onboard new researchers onto projects.

(Security Week)

Thanks to today’s episode sponsor, Normalyze

Normalyze is a cloud data security platform that continuously discovers sensitive data and their access paths across your cloud environments. Normalyze provides the ability to analyze, prioritize and respond to data threats to prevent damaging data breaches. Their cloud-native platform manages data security posture and compliance by automatically tracking risks to sensitive data, visually showing teams who can access what, and quickly blocking unauthorized access or vulnerable points of attack. Discover, visualize, and secure your cloud data in minutes with Normalyze Freemium. Go to normalyze.ai.

Genesis Market platform seized by police

On Tuesday, an FBI-led operation seized Genesis Market, one of the most significant online platforms where criminals sell stolen credentials along with tools to weaponize that data. The market has been linked to millions of financially motivated cyber incidents globally, from fraud to ransomware attacks. A splash page revealing the takedown, titled Operation Cookie Monster, has replaced the login pages on Genesis Market’s websites on both the dark and regular web. It is believed that a large number of arrests related to the crackdown are being carried out globally.

NOTE: The police have already set up a website to see if your ID was one of the ones for sale – check it out at https://www.politie.nl/en/information/checkyourhack.html#check
(The Record)

Canadian privacy commissioner launches ChatGPT investigation

The Office of the Privacy Commissioner of Canada (OPC) has launched an investigation into OpenAI’s ChatGPT chatbot. The OPC said Tuesday that the case was launched in response to “a complaint alleging the collection, use, and disclosure of personal information without consent. The speed at which it’s moving is outpacing our ability to make sense of it, know what risks it poses.” This investigation follows a series of ChatGPT crackdowns including China and Italy recently blocking its use.

(betakit)

Samsung reportedly leaked its own secrets through ChatGPT

Less than three weeks after Samsung lifted a ban on employees using ChatGPT, the company has reportedly leaked its own secrets at least three times. The ban was originally intended to protect company data but was lifted on March 11 to enhance productivity and keep staff engaged with the world’s latest tech tools. According to a Korean local media report, those now-leaked secrets include equipment measurement and yield data from the conglomerate’s device solution and semiconductor business unit. One employee told the local outlet they copied all the problematic source code of a semiconductor database download program, entered it into ChatGPT, and inquired about a solution.

(The Register)

Many workers willing to take a pay cut to work remotely, survey finds

Americans have grown so fond of working from home that many are willing to sacrifice pay, on average up to 18%, for the privilege of skipping the office. This is according to a recent survey by recruiting firm Robert Half. The survey polled more than 2,500 U.S. workers and 2,100 hiring managers in November and found that roughly three-quarters of workers said they are happier and more productive when they’re working from home, despite sometimes having to work longer hours. Yet those preferences are finding pushback from employers trying to get people back in the office. A recent Resume Builder survey found that nine out of 10 companies will require employees back in the office in 2023.

(CBS News)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.