Pete Recommends – Weekly highlights on cyber security issues, June 26, 2022

Subject: Browser extension lets you remove specific sites from search results
Source: Bleeping Computer
https://www.bleepingcomputer.com/news/technology/browser-extension-lets-you-remove-specific-sites-from-search-results/

The uBlackList browser extension lets you clean up search results by removing specific sites when searching on Google, DuckDuckGo, Bing, and other search engines.

While the extension itself is not new, having been in development since early 2021, it was recently posted to Y Combinator’s Hacker News, so we thought we would take a look at it.

uBlackList is a browser extension for both Chromium and Firefox that allows you to input a list of websites you want to be blocked from search results.

Whether these sites are low quality, are known for misleading information, or you simply have no desire to read their content, uBlackList can prevent them from being displayed on the Google, Bing, DuckDuckGo, Ecosia, Qwant, StartPage, and Yahoo! Japan search engines.
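The filtering a search-result blocklist has to do is simple in outline but easy to get subtly wrong, so here is an added example in Python (not uBlackList’s own code). The rule syntax is an assumption made for this example: a bare hostname blocks that host and every subdomain of it, and a `re:` prefix marks a regular expression tested against the whole result URL. The sample rules and result URLs are constructed. The point it makes is that host matching must respect label boundaries: a naive substring test for example.com would also hide notexample.com and would be fooled by a look-alike such as example.com.evil.test.

```python
import re
from urllib.parse import urlsplit

# Hypothetical rule syntax for this example (not uBlackList's actual syntax):
#   "example.com"   -> blocks example.com and every subdomain of it
#   "re:<pattern>"  -> regular expression matched against the full result URL
# Sample rules, constructed for this example.
RULES = [
    "content-farm.example",
    "mirror.example.net",
    r"re:^https?://[^/]*\.example\.org/scraped/",
]


def _host_blocked(host, blocked_host):
    # Suffix match on a label boundary: "example.com" matches "www.example.com"
    # but neither "notexample.com" nor "example.com.evil.test".
    host = host.lower().rstrip(".")
    blocked_host = blocked_host.lower().rstrip(".")
    return host == blocked_host or host.endswith("." + blocked_host)


def compile_rules(rules):
    """Split a rule list into plain host rules and compiled regex rules."""
    hosts, regexes = [], []
    for rule in rules:
        rule = rule.strip()
        if not rule or rule.startswith("#"):
            continue
        if rule.startswith("re:"):
            regexes.append(re.compile(rule[3:]))
        else:
            hosts.append(rule)
    return hosts, regexes


def is_blocked(url, compiled):
    """True if the result URL matches any host rule or any regex rule."""
    hosts, regexes = compiled
    host = urlsplit(url).hostname or ""
    if any(_host_blocked(host, h) for h in hosts):
        return True
    return any(r.search(url) for r in regexes)


def filter_results(urls, rules=RULES):
    """Return the result URLs that survive the blocklist, in original order."""
    compiled = compile_rules(rules)
    return [u for u in urls if not is_blocked(u, compiled)]
```

Note that the host test is done on the parsed hostname rather than on the raw string, so a blocked name appearing in the path or query of an otherwise allowed site does not cause a false block.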


Subject: How to fix failed VPN connections | Troubleshooting Guide
Source: TechRepublic
https://www.techrepublic.com/article/fix-the-four-biggest-problems-with-vpn-connections/

Virtual private networks have risen from obscurity to become the preferred method of linking private networks. VPNs first caught on because they let organizations secure network connections over the public Internet, eliminating the need for expensive dedicated circuits; adoption then skyrocketed because the technology also proved relatively simple, reliable and secure.

Treating VPNs as foolproof, however, breeds a false sense of security. State-sponsored attacks that used compromised VPNs as their entry point were a wake-up call for organizations: VPN accounts require close monitoring and safeguarding too.

With proper security practices, VPNs continue to fulfill an essential need: reliably and securely connecting remote employees, branch offices, authorized partners and other systems. Yet VPN connection errors still inevitably arise.

Windows Server-based VPN connection issues often fall into one of four categories:

Filed: https://www.techrepublic.com/topic/networking/


Subject: How ML-powered video surveillance could improve security
Source: VentureBeat
https://venturebeat.com/2022/06/18/how-ml-powered-video-surveillance-could-improve-security/

The expanding use of surveillance cameras, whether in service of public safety, health monitoring or commercial operations, has heightened concerns about privacy. These days, it seems people’s movements will be captured on CCTV cameras regardless of where they go.

The number of surveillance systems in use has grown, with no signs of slowing down. According to the U.S. Bureau of Labor Statistics, the number of surveillance camera installations in the U.S. grew from 47 million to 85 million from 2015 to 2021, an increase of 80%. That’s roughly one camera installation for nearly every 4 people in the country. Globally, the number of surveillance cameras in use was expected to exceed a billion in 2021, according to the most recent research by IHS Markit. And the video surveillance market is expected to grow at an annual rate of more than 10% through 2026, according to Reportlinker.

Some cities in the U.S. have responded. In 2019, San Francisco banned the use of facial recognition in local agencies’ surveillance cameras, and since then, at least a dozen other U.S. cities have instituted bans of facial recognition for one use or another. But more surveillance doesn’t necessarily have to mean less privacy.

Improvements in machine learning (ML) can make gleaning data from surveillance camera feeds more efficient while also going a long way toward protecting the privacy of people who appear in those feeds. A smart camera can, for example, perform processing locally, eliminating the need to transmit and store raw footage. It can also have the intelligence to tell the difference between what it should be capturing and what it should ignore. While performing its tasks more efficiently, a smart camera can also help prevent both intentional and unintentional misuse of data.

While making video surveillance systems more powerful and potentially intrusive, ML and AI can also be used to protect privacy. Video intelligence software based on deep learning — a subset of AI — can be trained to focus on what it should be watching and effectively look away from what it should not.


Subject: Rapid7 research reveals which data ransomware groups seek and use for leverage
Source: gHacks Tech News
https://www.ghacks.net/2022/06/19/rapid7-research-reveals-which-data-ransomware-groups-seek-and-use-for-leverage/

When it comes to ransomware attacks, some data is more precious to ransomware groups than other data. A new research study by Rapid7, Pain Points: Ransomware Data Disclosure Trends, provides insight into the data that ransomware groups value and how they use it to apply pressure.

Double extortion attacks have increased in recent years. Traditional ransomware attacks encrypt data on the attacked systems to extort money from companies and individuals. The rise of countermeasures, including the use of backups, has reduced the effectiveness of traditional ransomware attacks.

If data backups are available, companies could use these to restore the data without having to pay ransom. Without additional leverage, ransomware groups would be left empty handed after the attack.

Double extortion attacks combine the encryption stage with an earlier stage that happens before any data is encrypted: the group analyzes files and documents on the attacked network and steals the data it finds valuable. The data is still held hostage, since it is encrypted in the second stage, but the stolen copy gives the group additional leverage in ransom negotiations. Ransomware groups may threaten to release the data to the public, or to sell it to interested parties. If negotiations fail, the data may be sold on the dark web.

Ransomware studies are released frequently. We have covered two here on Ghacks in the past two months alone. The first confirms that ransomware attacks and ransom payments are increasing; the second, that the ransom payment is marginal when compared to the overall cost of a ransomware attack.

Filed: https://www.ghacks.net/category/software/security/


Subject: How to Password Protect Any File
Source: WIRED
https://www.wired.com/story/how-to-password-protect-any-file/

You never know when one of your files might reach someone it wasn’t intended to reach—perhaps through an email forward, a USB stick left behind on a desk, or maybe even an unauthorized user accessing your computer.

Should that happen, password protection is all that stands between your data and the people whom you don’t want to see it. It’s an extra layer of security you can add to your most sensitive files without too much trouble.

How you go about this will depend on the software you’re using to create the file in the first place. Some applications have password protection features built in, while in other cases you’ll need to lock up your files using a different method.

Filed: https://www.wired.com/category/security


Subject: The American Data Privacy and Protection Act (ADPPA): what to expect
Source: VentureBeat
https://venturebeat.com/2022/06/20/adppa/

Ever since the bipartisan draft bill of the American Data Privacy and Protection Act (ADPPA) was released earlier this month, there’s been lots of speculation about the impact new data privacy requirements would have on enterprises in the US and beyond.

One of the most significant changes would be that organizations, or “covered entities,” would need to minimize their collection, processing and transfer of “covered data,” which the ADPPA defines as “information identifying, linked, or reasonably linkable to an individual.”

In practice, covered data could range from government ID numbers or Social Security Numbers (SSNs) to private communications, as well as any information relating to data subjects under 17.

What would the ADPPA mean for enterprises? Much like the General Data Protection Regulation (GDPR), ADPPA would impose new data protection requirements on enterprises, forcing them to implement policies to protect covered data from access by unauthorized individuals.


Topics: Business; Security


Subject: Do You Have Ransomware Insurance? Look at the Fine Print
Source: The Hacker News
https://thehackernews.com/2022/06/do-you-have-ransomware-insurance-look.html

Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that’s where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance.

In this article, we’ll outline why, particularly given the current climate, war exclusion clauses are increasingly rendering ransomware insurance of reduced value, and why your organization should focus on protecting itself instead.

See also: https://thehackernews.com/search/label/Malware


Subject: US TikTok User Data Has Been Repeatedly Accessed From China, Leaked Audio Shows
Source: BuzzFeed News
https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access

“I feel like with these tools, there’s some backdoor to access user data in almost all of them,” said an external auditor hired to help TikTok close off Chinese access to sensitive information, like Americans’ birthdays and phone numbers.

For years, TikTok has responded to data privacy concerns by promising that information gathered about users in the United States is stored in the United States, rather than China, where ByteDance, the video platform’s parent company, is located. But according to leaked audio from more than 80 internal TikTok meetings, China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users — exactly the type of behavior that inspired former president Donald Trump to threaten to ban the app in the United States.

The recordings, which were reviewed by BuzzFeed News, contain 14 statements from nine different TikTok employees indicating that engineers in China had access to US data between September 2021 and January 2022, at the very least. Despite a TikTok executive’s sworn testimony in an October 2021 Senate hearing that a “world-renowned, US-based security team” decides who gets access to this data, nine statements by eight different employees describe situations where US employees had to turn to their colleagues in China to determine how US user data was flowing. US staff did not have permission or knowledge of how to access the data on their own, according to the tapes.

“Everything is seen in China,” said a member of TikTok’s Trust and Safety department in a September 2021 meeting.


Subject: Serious Warning Issued For Millions Of Google Gmail Users (Forbes)
Source: Youssef Sammouda Blog post via The RISKS Digest Volume 33 Issue 30
https://catless.ncl.ac.uk/Risks/33/30/#subj14.1

Serious Warning Issued For Millions Of Google Gmail Users (Forbes) geoff goodfellow <[email protected]> Sat, 21 May 2022

Gmail is the world's most popular email service, it is also known as one of the most secure. But a dangerous exploit might make you rethink how you want to use the service in future.

In an eye-opening *blog post* <https://ysamm.com/?p=763>, security researcher Youssef Sammouda has revealed that Gmail's OAuth authentication code enabled him to exploit vulnerabilities in Facebook to hijack Facebook accounts when Gmail credentials are used to sign in to the service. And the wider implications of this are significant.

Speaking to *The Daily Swig* <https://portswigger.net/daily-swig/facebook-account-takeover-researcher-scoops-40k-bug-bounty-for-chained-exploit>, Sammouda explained...

...
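The item above names the OAuth sign-in flow as the weak point but does not reproduce the Facebook bug, and neither does this example. What follows is an added Python sketch (not Sammouda’s code, nor Facebook’s or Google’s) of the checks an OAuth 2.0 client should enforce on its own callback so that an authorization code cannot be captured or replayed: an exact-match redirect_uri allowlist (no prefix or wildcard matching), a one-time state bound to the server-side session, and PKCE. The endpoint, client ID and redirect URI are placeholders assumed for the example, and the session is a plain dict standing in for a real session store.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical values for this example; not Google's or Facebook's real endpoints or IDs.
AUTHORIZE_ENDPOINT = "https://idp.example/oauth2/authorize"
CLIENT_ID = "example-client-id"
# Exact-match allowlist of the redirect URIs registered with the identity provider.
REGISTERED_REDIRECT_URIS = {"https://app.example/oauth/callback"}


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def redirect_uri_allowed(uri: str) -> bool:
    # Exact comparison, never prefix or substring matching, so that
    # "https://app.example.evil/oauth/callback" and
    # "https://app.example/oauth/callback/../x" are both rejected.
    return uri in REGISTERED_REDIRECT_URIS and urlsplit(uri).scheme == "https"


def begin_login(session: dict, redirect_uri: str) -> str:
    """Bind a one-time state and a PKCE verifier to the server-side session
    and return the authorization URL the browser is sent to."""
    if not redirect_uri_allowed(redirect_uri):
        raise ValueError("redirect_uri is not registered")
    state = secrets.token_urlsafe(32)
    code_verifier = secrets.token_urlsafe(64)
    code_challenge = _b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())
    session["oauth_pending"] = {
        "state": state,
        "code_verifier": code_verifier,
        "redirect_uri": redirect_uri,
    }
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": redirect_uri,
        "scope": "openid email",
        "state": state,
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def query_params(url: str) -> dict:
    """Single-valued view of a URL's query string (helper for callers and tests)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def handle_callback(session: dict, query: dict):
    """Validate the provider's redirect back to the client.

    Returns (token_request, None) on success, where token_request is the body
    for the server-to-server POST to the token endpoint, or (None, reason) on
    failure. The pending state is consumed either way, so the same code can
    never be presented twice against this session.
    """
    pending = session.pop("oauth_pending", None)
    if pending is None:
        return None, "no login in progress for this session"
    if "error" in query:
        return None, "provider reported an error: " + str(query["error"])
    if not secrets.compare_digest(query.get("state", ""), pending["state"]):
        return None, "state mismatch (login CSRF or injected code)"
    code = query.get("code")
    if not code:
        return None, "missing authorization code"
    # The code travels only in the POST body to the token endpoint, together
    # with the PKCE verifier and the same redirect_uri used in begin_login; it
    # is never logged or placed in a URL the browser can see again.
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": pending["redirect_uri"],
        "client_id": CLIENT_ID,
        "code_verifier": pending["code_verifier"],
    }, None
```

The two habits this enforces are the ones most often missing in sign-in integrations: the callback URL is compared as a whole string against a registered set rather than by prefix, and the state is both unguessable and single-use, so a code delivered to any other page or replayed later is rejected before the token exchange.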

Subject: SPECIAL EDITION: New Study Released on Pandemic-Related Identity Fraud | Nationwide | COVID-19 & Identity Fraud
Source: Fraud of the Day
https://fraudoftheday.com/identity-theft-fraud/special-alert-new-study-released-on-pandemic-related-identity-fraud/

According to the Pandemic-Related Identity Fraud Crime Victim Impacts Report, the past two years have brought about an unprecedented surge of government benefits-related identity fraud. The Identity Theft Resource Center (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, and LexisNexis Risk Solutions, a leading provider of data, analytics, and technology to help organizations manage risk, have teamed up to release the report, which details the massive extent to which individuals and government agencies have been impacted by government benefits identity fraud since 2020, especially in the areas of unemployment benefits and small business loans.

A group of more than 1,800 consumers, self-identified identity crime victims, and government officials was surveyed for this study, and the findings were alarming, to say the least. Nearly half (42%) of pandemic benefits applicants reported being a victim of identity fraud. These victims were denied benefits or had benefits disbursed in their names even though they had not applied for any pandemic-related benefits. More than half of those cases took between six months and one year to resolve.

As of right now, there are no national or state infrastructures in place to provide free support to victims of serious identity fraud cases. In addition to that, only 26 percent of the victims who self-identified in this study said they reported the crime to a government agency. There is a noteworthy disconnect between the types of identity credentials consumers are required to provide to these agencies, and the level of comfort they have with doing so.



Subject: Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents
Source: gHacks Tech News
https://www.ghacks.net/2022/06/22/report-adobe-reader-is-blocking-antivirus-tools-from-scanning-loaded-pdf-documents/

Minerva Labs found evidence that Adobe is blocking around 30 different security products from scanning loaded PDF documents. The list reads like a who’s who of security companies, with one notable exception. Products from Trend Micro, McAfee, Symantec, ESET, Kaspersky, Malwarebytes, Avast, BitDefender and Sophos are blocked, according to the report. The one notable exception, at least from a market share point of view, is Microsoft Defender, which is not blocked by Adobe’s software.

Here is the full list of affected companies and products:

Trend Micro, BitDefender, AVAST, F-Secure, McAfee, 360 Security, Citrix, Symantec, Morphisec, Malwarebytes, Checkpoint, Ahnlab, Cylance, Sophos, CyberArk, Citrix, BullGuard, Panda Security, Fortinet, Emsisoft, ESET, K7 TotalSecurity, Kaspersky, AVG, CMC Internet Security, Samsung Smart Security ESCORT, Moon Secure, NOD32, PC Matic, SentryBay

Blocked products are denied access to the loaded PDF file, which means that malicious code can’t be detected or stopped by the products during the loading phase.

In other words: Adobe has chosen to address stability issues by blocking security processes. Minerva Labs points out that Adobe picked convenience and the insertion of a “malware-like” behavior over resolving the issue permanently.

Filed: https://www.ghacks.net/category/software/security/


Subject: DOJ ramps up efforts to curb digital stalking and abuse
Source: GCN
https://gcn.com/cybersecurity/2022/06/doj-ramps-efforts-curb-digital-stalking-and-abuse/368443/

In a whole-of-government approach to fighting online harassment, a new Justice Department task force will improve data collection on digital crimes and train state and local law enforcement.

The Justice Department announced the creation of a new task force last week dedicated to furthering the fight against online harassment and abuse, focusing particularly on protecting the LGBTQ+ community.

Attorney General Merrick Garland revealed the new task force on Thursday, June 16, noting that the majority of victims enduring online harassment are women, children and LGBTQ+ community members.

“Preventing and addressing online criminal harassment and abuse requires a whole-of-government approach,” he said. “And that is why the Department of Justice is eager to take its place, take its role, to take part in the critical work of this task force.”

The director of the FBI will create a category within the Uniform Crime Reports to publish a separate annual report on cybercrime trends and enforcement efforts.

Filed: https://gcn.com/cybersecurity/


Subject: Mayors Endorse an Array of Emerging Technologies
Source: Route Fifty
https://www.route-fifty.com/tech-data/2022/06/mayors-endorse-emerging-technologies-annual-conference/368419/

City leaders staked out positions related to drones, public safety, broadband, renewable energy, blockchain technology and more at their 90th annual conference.

At their 90th annual meeting in Reno, Nevada, the U.S. Conference of Mayors adopted resolutions on hot-button issues like reproductive rights, gun regulations and the opioid epidemic. Among the 100-plus resolutions were also those related to public safety, renewable energy and blockchain technology.

Here’s a breakdown of what the members proposed:



Subject: GAO: Potential Federal Cyber Insurance Program Should Avoid Moral Hazard
Source: Nextgov
https://www.nextgov.com/cybersecurity/2022/06/gao-potential-federal-cyber-insurance-program-should-avoid-moral-hazard/368462/

The government watchdog highlighted the need for specific security requirements in recommending other relevant agencies explore the possibility of providing federal assistance to private sector entities following a catastrophic event.

The Treasury Department’s Federal Insurance Office and the Cybersecurity and Infrastructure Security Agency should consider the danger of creating counterproductive incentives while examining the need for a federal cyber insurance program, according to the Government Accountability Office.

“CISA and FIO should jointly assess the extent to which risks to critical infrastructure from catastrophic cyber incidents and potential financial exposures warrant a federal insurance response,” the agency reported Tuesday.

The GAO report, which was initially forecast to be published over a year ago, studied whether Treasury’s Terrorism Risk Insurance Program should be expanded to cover the fallout from cybersecurity incidents. It stems from a remit in the National Defense Authorization Act to report on the state of the larger cyber insurance market, which has long been viewed as a non-regulatory way to drive improvements in organizations’ defenses.

“Consistent with these elements, any federal insurance response should include clear criteria for coverage, specific cybersecurity requirements, and a dedicated funding mechanism with concessions from all market participants.”



Subject: Trend Micro Cloud App Security Threat Report 2021
Source: Trend Micro via beSpacific
https://www.bespacific.com/trend-micro-cloud-app-security-threat-report-2021/

Trend Micro: … Meanwhile, the 2021 Internet Crime Report by the FBI’s Internet Crime Complaint Center (IC3) states that there was “an unprecedented increase in cyberattacks and malicious cyber activity” last year, with business email compromise (BEC) being among the top incidents. In this report, we discuss the notable email threats of 2021 based on the data that we’ve gathered using the Trend Micro™ Cloud App Security™, a security solution that supplements the preexisting security features in email and collaboration platforms…”

NB Trend Micro categories: Posted in Roundup, Threat Reports, Business Email Compromise, Malware, Phishing, Spam

Abstracted from beSpacific
Copyright © 2022 beSpacific, All rights reserved.


Subject: T-Mobile Is Hawking Your App and Web History to Advertisers
Source: Gizmodo
https://gizmodo.com/t-mobile-app-insights-download-history-web-browsing-adv-1849099320

In yet another example of T-Mobile being The Worst with its customers’ data, the company announced a new money-making scheme this week: selling its customers’ app download data and web browsing history to advertisers.

The package of data is part of the company’s new “App Insights” adtech product that was in beta for the last year but formally rolled out this week. According to AdExchanger, which first reported news of the announcement from the Cannes Festival, the new product will let marketers track and target T-Mobile customers based on the apps they’ve downloaded and their “engagement patterns”—meaning when or how often they open and close particular apps.

There is, of course, the question of how any of this is legal, especially considering that multiple mobile carriers (including T-Mobile!) were fined in 2020 for pawning off customers’ data to brokers without their consent, years after they had promised not to.

Filed: Privacy and Security


Subject: Best VPN services 2022 — Today’s top picks
Source: Digital Trends
https://www.digitaltrends.com/computing/best-vpn/

People all over the world use the internet daily for everything from work and social networking to managing their finances, so it’s no mystery why online security is such a concern nowadays. Hardening your network and all of your devices against cyber-criminals, data thieves, online busybodies, and institutional censorship may seem daunting for the uninitiated, but even if you’re not tech-savvy, a virtual private network (or VPN) is an easy way to do it. You have quite a few services to choose from, though, and finding the best VPN for your needs is not so simple, as not all virtual private networks are the same. To help you pick the right one, we’ve rounded up the best VPN services for 2022 and laid out all of their features, prices, and other details below.

Posted in: Cybercrime, Cybersecurity, E-Commerce, Internet Trends, Privacy, Search Engines, Search Strategies