Uncategorized

I just read this article and thought I’d share since it’s relative to us in the PA area.  Wawa just announced it found malware on its payment processing servers and that it had affected customer payment information since March 4th.  The malware is believed to have been present on most of the 850 store locations by April 22nd.  It exposed credit and debit card numbers, expiration dates, and cardholder names on payment cards used in-store and at gas pumps.  They discovered the malware on December 10th and had it contained by the 12th.  An external forensics firm was hired and is currently investigating to support their review.

Here’s what to do if affected:
“Wawa customers can call 1-844-386-9559 to ask questions and get free credit monitoring and identity-theft protection if their personal information was affected. Consumers should also review payment card account statements for any unauthorized charges.”

https://www.inquirer.com/business/wawa-data-breach-credit-debit-card-numbers-exposed-20191219.html

Elderly individuals are more likely to be targeted by online financial fraud and also lose a higher amount than average.  Cybercrimes against the elderly have increased 5x since 2014 and cost more than $650 million in losses per year.  A new study suggests changes to how the FBI collects information and responds to online crimes targeting elderly and provides suggestions for those living on bank balances, pensions and retirement funds to better protect their assets from online frauds.   The study showed older adults were more tech savvy than expected, but they had problems with FBI forms that require victims of scams to report their experiences online.  The forms timed out too fast and didn’t allow participants to upload screenshots of conversations (something the older adults preferred).  They also felt embarrassed to report- they didn’t want to bother family members or sound like they didn’t understand the technology.

Some preventative measures that are helpful to seniors:

• Different passwords for each site, but if they can’t remember them, it’s safer to have different passwords written down in a drawer than the same password across all the sites.
• Only enter sensitive infoformation on “secure” websites
• Log out of accounts on shared computers
• Use VPNs when using public Wi-Fi
• Report online scams

https://www.cnbc.com/2019/11/23/new-research-pinpoints-how-elderly-people-are-targeted-in-online-scams.html

A new phishing attack that tries to convince the target to open a malicious attachment is being sent through email.  The email identifies itself as being sent from Microsoft with subject lines “Install Latest Microsoft Windows Update now!” or “Critical Microsoft Windows Update!” and has the “latest critical update” as an attachment.  The file that appears to have a .jpg file extension is really  a .NET downloader that delivers malware to your machine.  More specifically, it installs ransomware called bitcoingenerator.exe.  It encrypts the recipient’s files and leaves a text file named “Cyborg_DECRYPT.txt” on their desktop.  A message within it asks for $500 in bitcoin to unlock the files.  Windows users should note that Microsoft will never send a security patch via email.

https://www.cnet.com/news/windows-users-beware-this-fake-update-could-lock-up-your-pc-or-worse/

Cybercriminals have registered over 100,000 look-alike domains that mimic popular retail websites.  The fakes sites use valid TLS certificates to make them appear safe and trusted.  The number of fake sites has doubled since 2018 and are created to target 20 retailers in the U.S., U.K., Germany, France and Australia.  One of the U.S. retailers has over 49,500 look-alike domains targeting it alone.  Retailers and customers should be vigilant in protecting themselves.

https://cyware.com/news/beware-online-shoppers-cybercriminals-have-registered-over-100000-look-alike-domains-that-resemble-popular-retail-websites-8798ad36

Cybercriminals are targeting Application Programming Interfaces (APIs) as they become more popular.  This year alone there have been several APIs targeted to gain unauthorized data access.  APIs are a set of protocols that allow different programs communicate with each other.  They are being used in many places and without careful API management, they will continue being used maliciously worldwide.

LandMark White Limited – February 2019
Justdial unprotected API – April 2019
GateHub – June 2019
Venmo – June 2019

https://cyware.com/news/apis-and-cybercrime-the-state-in-2019-so-far-b73a675a

This article lists off some popular security models that companies can pull from when building software for a certain market sector. Also in the article, it describes the importance of having a multidisciplinary software development team. If everybody thinks the same and has similar goals, then the software will have security holes. The article suggests having people on the team that are focused on: data privacy, user design, quality assurance, software security and testing. All of these people can have useful input that can direct the path of the project.

https://www.business.com/articles/how-to-maintain-data-privacy-during-software-development/

This article outlines some of the biggest challenges providers are facing. One of the biggest divides from the survey results is who owns the responsibility. Is it the customer or is the cloud service provider. There is no one solution fits all, the answer is it depends on the situation. the article also laid out different aspects to consider when choosing a cloud service provider: physical security, compliance, etc.

Creating a responsibility matrix to highlight the roles and responsibilities prior to finalizing any contractual agreements is a great way to fall back onto once an incident has happened, roles and responsibilities are clearly defined.