Intelligent Connections. Recruiting Integrity.
Call Us: 415-510-2973

Archive for the News Category

VoIP Carriers Investigated Over Fraudulent Robocalls

VoIP Carriers Investigated Over Fraudulent Robocalls

An American court has ordered injunctions against two telecom carriers that facilitated hundreds of millions of fraudulent robocalls to consumers in the United States.

The scam calls predominantly targeted elderly and vulnerable people, successfully conning victims out of personal information, money, and property. Many of the robocalls were made by fraudsters overseas impersonating government agencies and conveying alarming messages.

Victims were tricked into thinking that their assets were being frozen, their personal information had been compromised, or their benefits were about to be stopped. 

In some calls, fraudsters impersonated employees at legitimate businesses, including Microsoft. 

The injunctions, which relate to two separate civil actions, are the first of their kind to be obtained by the United States Justice Department. Both orders were issued by the US District Court for the Eastern District of New York, and both civil actions are pending.

The first injunction bars husband and wife Nicholas and Natasha Palumbo and two entities from operating as intermediate voice-over-internet-protocol (VoIP) carriers. 

The Palumbos, of Scottsdale, Arizona, own and operate Ecommerce National LLC and SIP Retail, which do business as TollFreeDeals.com and sipretail.com, respectively. The couple are currently being investigated for what the District Court described as “widespread patterns of telecommunications fraud, intended to deprive call recipients in the Eastern District of New York and elsewhere of money and property.”

The court noted that though the Palumbos had been warned more than 100 times of specific instances of fraudulent calls' being transmitted through their network, they never severed their business relationship with any entity they learned was associated with fraudulent call traffic.

In the second matter, the court entered consent decrees that permanently bar New York resident John Kahen, aka Jon Kaen, and three entities—Global Voicecom Inc, Global Telecommunication Services Inc., and KAT Telecom Inc.—from operating as intermediate VoIP carriers conveying any telephone calls into the US telephone system.

“These massive robocall fraud schemes target telephones of residents across our country, many of whom are elderly or are otherwise potentially vulnerable to such schemes,” said Assistant Attorney General Jody Hunt of the Department of Justice’s Civil Division.

Source: Information Security Magazine

Carnegie Mellon Launches Cybersecurity Master's Degree

Carnegie Mellon Launches Cybersecurity Master's Degree

Carnegie Mellon University (CMU) has launched a cybersecurity-focused master's degree program. 

The new program centers on building expertise in risk management, information security, and data privacy and aims to develop key skills in operations, strategy, and analysis. 

To earn their master's degree, student teams will have to solve real security problems for a national capital area–based organization or government agency.

Instead of being created as a standalone course, the new program will exist as a security-focused track within CMU's established Master of Science in Information Technology (MSIT) program, taught at Heinz College of Information Systems and Public Policy in Washington, DC.

The MSIT: Information Security and Assurance (Cybersecurity-DC) program will be taught by leading security practitioners and researchers and experts from the CERT Division of CMU’s Software Engineering Institute (SEI). 

Among the instructors already lined up for the program is retired Brigadier General Gregory J. Touhill, appointed by President Barack Obama as the first federal CISO of the United States government and currently serving as AppGate Federal Group's president.

"Cybersecurity-DC will create a robust pipeline of highly skilled mission-ready security professionals where it’s needed most—in the heart of the National Capital area region," said Touhill. "Federal agencies and private companies need creative leaders with the blend of skills we teach to better manage risk while defending their organizations and stakeholders against emerging threats."

The program will be delivered in a hybrid format that will see students complete the majority of coursework online. However, some in-person group sessions, seminars, and exams will take place at Heinz College’s DC campus. 

"During these sessions, cohort members will have the opportunity to develop a tight-knit community and create lasting peer networks," said a spokesperson for CMU.

“We’re excited to offer this program, which is unique in the field,” said Andy Wasser, associate dean at Heinz College. 

“Cybersecurity-DC brings together professionals to collaborate and form close bonds with their cohort. It effectively combines the convenience of online learning with our ethos of experiential learning and practical experience, which is crucial to success in the security context.”

The new program will commence in August 2020.

Source: Information Security Magazine

#COVID19 Phishing Scam Tricks People With ‘You Might Be Infected’ Warning

#COVID19 Phishing Scam Tricks People With ‘You Might Be Infected’ Warning

Security awareness training and simulated phishing provider KnowBe4 has announced that it has discovered a new type of phishing scam warning people that they’ve come into contact with a friend/colleague/family member who has been infected with the coronavirus and so are at risk of being infected themselves.

The email, which is crafted to appear as though it has come from a legitimate hospital, instructs users to download a malicious attachment and proceed immediately to the hospital.

The attachment contains hidden malware, KnowBe4 explained, with a number of advanced functions that allow it to evade detection by security applications, worm its way deep into an infested system and serve as a platform for a variety of criminal activities.

“This is a new type of malware that we’re seeing, as it was reported for the first time just a few days ago,” said Eric Howes, principal lab researcher, KnowBe4. “For the bad guys, this is a target-rich environment that preys on end-users’ fears and heightened emotions during this pandemic. Employees need to be extra cautious when it comes to any emails related to COVID-19 and they need to be trained and educated to expect them, accurately identify them and handle them safely.”

The latest discovery is yet another example of how cyber-criminals are seeking to exploit people through phishing emails during the COVID-19 pandemic.

Source: Information Security Magazine

Government Launches Response Unit to Fight #COVID19 Fake News

Government Launches Response Unit to Fight #COVID19 Fake News

The British government has launched a new rapid response unit to coordinate the fight against online misinformation about COVID-19.

Reports suggest that the unit, operating from within the Cabinet Office and Number 10, will help to deal with “false and misleading narratives about coronavirus.” These will include everything from phishing scams to fake ‘experts’ issuing false medical advice.

Culture secretary, Oliver Dowden, has claimed that fake news could cost lives.

“We need people to follow expert medical advice and stay at home, protect the NHS and save lives,” he’s quoted by the BBC as saying. “It is vital that this message hits home and that misinformation and disinformation which undermines it is knocked down quickly.”

As part of these efforts, the government is relaunching a campaign on misinformation called “Don’t Feed the Beast.”

Most social media companies have said they will work with governments to try and halt the spread of rumors online.

Earlier this month, Twitter said it was broadening its definition of online harm to include content that contradicts guidance from public health and other trusted bodies. However, it also admitted that increasing its reliance on automated systems may result in more mistakes as they lack the context that human moderators can bring.

Also earlier in March, the UK’s National Cyber Security Centre (NCSC) said it was removing malicious and phishing websites linked to the pandemic, as businesses and consumers continue to be exposed to credential theft, identity fraud, ransomware and more.

The National Crime Agency also last week released information for individuals and businesses on how to stay safe from fraud and other scams.

It’s claimed the new government rapid response unit is dealing with around 70 incidents of misinformation each week.

Source: Information Security Magazine

Maze Authors Claim to Have Hit Insurer Chubb

Maze Authors Claim to Have Hit Insurer Chubb

A leading insurance provider appears to have been targeted by a notorious ransomware group, which is threatening to release information stolen from the company if it doesn’t pay up.

Chubb Insurance, which offers cyber-policies as well as other types of protection, has become the latest company singled out by the Maze group.

Once organizations have been infected with Maze ransomware the group lists them on its dedicated ‘News’ site, which Infosecurity won't link to, where they are given notice that stolen records will be published unless the ransom is paid.

It’s a relatively new but increasingly popular tactic used by ransomware gangs to force payment even if the victim organization has backed-up.

The group claimed on its site that Chubb was “locked” at some point in March. It included the emails of the firm’s CEO, COO and vice-chairman as ‘evidence’ of its intent, although the insurer has claimed its systems remain untouched.

"We are currently investigating a computer security incident that may involve unauthorized access to data held by a third-party service provider. We are working with law enforcement and a leading cybersecurity firm as part of our investigation,” it said in a statement.

“We have no evidence that the incident affected Chubb’s network. Our network remains fully operational and we continue to service all policyholder needs, including claims. Securing the data entrusted to Chubb is a top priority for us. We will provide further information as appropriate.”

That said, security researchers have discovered unpatched vulnerabilities at the firm which could theoretically have provided a route to ransomware infection.

Bad Packets Report claimed last week to have found five exposed Citrix Netscaler servers, after scanning for the CVE-2019-19781 vulnerability.

The flaw in Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow an unauthenticated attacker to perform arbitrary code execution. It’s already been linked to multiple ransomware attacks including one on a German car parts manufacturer.

Source: Information Security Magazine

Global E-Commerce Fraud to Top $25bn by 2024

Global E-Commerce Fraud to Top $25bn by 2024

Global online payment fraud losses are set to soar by more than 50% over the coming four years to exceed $25bn per year, according to a new report from Juniper Research.

The market analyst’s report, Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2020-2024, predicted a 52% growth in merchant losses to scams over the period.

The growing popularity of online shopping combined with the enhanced security of card-present transactions through the EMV initiative is helping to drive much more fraud into e-commerce, the analyst claimed.

This is despite the launch of Secure Customer Authentication (SCA) checks in Europe, although this initiative has been delayed several times. The new rules, part of the EU’s PSD2 banking regulation, will now come into force by December 31 2020 in Europe and March 2021 in the UK.

They mandate that certain transactions be subject to two-factor authentication in order to help lock fraudsters out. However, there are concerns that SCA might also create extra user friction which puts consumers off.

Juniper Research urged merchants to work closely with security vendors to design and implement extra authentication checks in shopping apps that minimize friction.

It also argued that e-commerce providers must take a more educational role, providing information to customers on the need for improved cybersecurity and changes to checkout processes, as well as details on some of the most popular scams.

The analyst claimed this was particularly important in China, which it said will account for 42% of e-commerce fraud by 2024.

“The explosion of e-commerce means that fraudsters have evolved their tactics, and so merchants must also evolve,” argued report co-author, Nick Maynard.

“E-commerce merchants must educate their users in anti-fraud best practice, as the human element is consistently the most vulnerable to exploitation in the online payments ecosystem”.

Source: Information Security Magazine

Domain Registrars Take Action Against Fraudulent COVID-19 Websites

Domain Registrars Take Action Against Fraudulent COVID-19 Websites

American domain registration companies are taking steps to combat coronavirus-related fraud. 

Budget hosting provider Namecheap Inc. has halted automated registration of website names that reference the COVID-19 health crisis. The Los Angeles–based company's action comes after a surge in fraudulent websites seeking to profit from the pandemic.

Online scams proliferating from the coronavirus outbreak have included fraudulent charity websites, sites selling fake vaccines and cures, and infection-tracking sites that deliver malware. 

In an email to customers sent on March 26, Namecheap CEO Richard Kirkendall said the company was removing terms such as “coronavirus,” “COVID,” and “vaccine” from the company's domain availability search tool. 

While legitimate domains can still be registered manually by company employees, Kirkendall said that Namecheap was working with authorities to "proactively prevent and take down any fraudulent or abusive domains or websites related to COVID19 or the Coronavirus."

America's largest US domain registry business GoDaddy is also taking action against unscrupulous COVID-19 cyber-criminals. The Arizona firm said it has already taken down several fraudulent sites as part of its "human review process." 

A GoDaddy spokesperson said: "We do not tolerate abuse on our platform and our Universal Terms of Service (UTOS) gives us broad discretion to act on complaints, and this includes COVID-19 abuse. To date, our teams have already investigated and removed COVID-19 fraud sites in response to reports, and our vigilance will continue long after the COVID-19 crisis comes to an end."

In neighboring Canada, Toronto firm Tucows Inc., which operates retail registration business Hover, is flagging all "covid" and "corona" domains for manual review. Company spokesperson Graeme Bunton said that the Tucows was on the lookout in particular for any sites peddling fake COVID-19 cures or tests. 

Efforts by the companies to combat fraud come after New York Attorney General Letitia James wrote to the internet's largest domain registrars on March 20, asking for their help in tackling coronavirus-related fraud. 

Letters were sent to GoDaddy, Dynadot, Name.com, Namecheap, Register.com, and Endurance International Group (owner of Bluehost.com, Domain.com, and HostGator.com).

On Saturday, the US Department of Justice filed its first court action against a website operator accused of committing fraud to profit from the global COVID-19 pandemic.

Source: Information Security Magazine

US Plans to Dig Up the Dead for New Cyber-Defense Building

US Plans to Dig Up the Dead for New Cyber-Defense Building

The United States government is planning to relocate a family cemetery in Maryland to make way for a new cyber-defense facility.

Last week, a Maryland District Court judge granted the federal government the right to possess a cemetery that is located on the grounds of Fort George G. Meade. The 418-square-foot site, embraced by a chain-link fence, is currently the resting place of members of the Downs family. 

In 1917, as World War I was raging, the Downs family saw their land transformed into a military base. Now it seems likely that the family's cemetery is to be taken over for the grave purpose of national defense. 

Court filings indicate that two members of the Downs family are interred at the plot, both of whom enjoyed impressive longevity for their time. The first person to be buried there was Mary A. Downs, who lived from 1803 to 1875. The second individual to be laid to rest at the site was William Downs, who was born in 1790 and didn't shuffle off this mortal coil until 1883. 

Should the Department of Defense's plan to obtain the cemetery succeed, the land will be used to build national security computing facilities. The DoD has said that it will move William and Mary's headstones to Bethel Cemetery, where their remains will be re-interred.

According to the Anne Arundel Genealogical Society, there is “a possibility that slaves owned by the Downs family were buried outside the fenced cemetery and a larger area was then cordoned off using orange construction fencing.” However, court filings state that an archaeological study of the area revealed no additional graves. 

Downs family descendant Mike Myers has raised no objection to the department's plans to relocate his ancestors. 

Annapolis resident Myers said: "My grandmother, she was into family history, so if she was alive it would have mattered to her. It really doesn’t matter to me one way or the other."

What is now Fort Meade was once the Downs family farm, built on land owned by the Downs family since before the Civil War. The farm became Camp Meade—a training base for US soldiers destined to fight overseas in World War I—in 1917.

Then in 1919, William T. Downs, along with dozens of local residents, sold his farm to the government so that Fort Meade could be built. 

Source: Information Security Magazine

LORCA Launches Open Call for Fifth Cohort of Cyber-Scaleups

LORCA Launches Open Call for Fifth Cohort of Cyber-Scaleups

A global open call has been launched by the London Office for Rapid Cybersecurity Advancement (LORCA) for its fifth cohort of cyber-scaleups. The selection criteria will be focused on companies which aim to solve issues brought to the fore by the COVID-19 pandemic, such as tackling disinformation and improving the security of remote working.

LORCA, which began in June 2018 with UK government funding, has run its year-long accelerator program four times previously. These have been highly successful, with venture capital investment in LORCA companies standing at over £86m. Delivered by Plexal, the innovation centre at Here East in the Olympic Park, the program aims to develop the UK cybersecurity sector, enhancing overall internet safety.

For this new program, LORCA is particularly keen to invite applications from scaleups that are taking on the complex cyber-threats people are facing in an increasingly hyper-connected world, securing the digital safety of individual citizens. These types of challenges have been emphasised by the current COVID-19 pandemic.

Louise Cushnahan, head of innovation, Centre for Secure Information Technologies (CSIT), a LORCA delivery partner, commented: “At this time of COVID-19 related international emergency we are seeing the online spread of disinformation aggravate the public health crisis, rapid adoption of remote working putting pressure on information security and malicious actors seeking to take advantage of weak links in cybersecurity and overburdened IT teams.”

Those selected will receive business mentoring, connections to investors, support in accessing new markets and growing an international presence, as well as access to commercial and engineering expertise from LORCA’s delivery partners.

Saj Huq, program director, LORCA, said: “As well as meeting the needs of industry today, LORCA catalyzes innovation that caters to the cybersecurity challenges on the horizon that will intersect both society and business and require new models of collaboration to solve.”

In light of COVID-19, all course curriculum and some events in this program will be delivered virtually.

The deadline for applying is Monday May 4 2020, with full details available here.

Source: Information Security Magazine

FBI Issues Child Sextortion Warning Amid School Closures

FBI Issues Child Sextortion Warning Amid School Closures

America's Federal Bureau of Investigation has warned that children who are spending more time online as a result of early school closures face an increased risk of being exploited.

In a statement issued on March 23, the FBI wrote: "Due to school closings as a result of COVID-19, children will potentially have an increased online presence and/or be in a position that puts them at an inadvertent risk. 

"Due to this newly developing environment, the FBI is seeking to warn parents, educators, caregivers, and children about the dangers of online sexual exploitation and signs of child abuse."

According to UNESCO monitoring, over 160 countries have implemented nationwide closures of educational institutions in response to the COVID-19 health crisis, impacting over 87% of the world’s student population. 

In America, where almost all public-school buildings are now closed in the majority of states, the digital divide has deepened between those students who have the computers and internet access needed to carry on their education online and those who don't.

According to a 2019 report from the Federal Communications Commission, around 21 million people in the United States don't have access to broadband. In New York City alone, there are an estimated 300,000 students without access to electronics, according to the Department of Education's chancellor, Richard Carranza. 

In some states, it's the schools rather than the students that lack the resources needed to educate virtually.

"The reality is that probably the majority of school districts, and there are more than 13,000 of them, don’t have the ability to provide continuous virtual online instruction," Dan Domenech, executive director of the American School Superintendents Association in Alexandria, Virginia, told Bloomberg.

"This experience may accelerate virtual learning in schools, but right now it is definitely inequitable for students without internet access or a computer at home, and inequitable for the special-education population."

With many facilities now closed to limit the spread of COVID-19, students who relied on accessing computers and the internet via their local library or community center or who relied on free public WiFi in cafes and restaurants are unable to access online learning resources.

The FBI has advised parents with children who can get online to discuss internet safety with their children and to review any games or apps before they are downloaded.  

Source: Information Security Magazine