Blacksite's Intelligence Report - Week of June 16th, 2022

The Blacksite Weekly Intelligence Report

Microsoft Ends Internet Explorer Browser Support

 Microsoft will end support for Internet Explorer on multiple Windows versions on June 15, 2022. It will be replaced with the new Chromium-based Microsoft Edge, with users automatically redirected to Edge when launching IE11. IE11 will continue receiving security updates and technical support for the lifecycle of the Windows version on which it is installed. Microsoft has been encouraging customers to switch from Internet Explorer for years to switch to the new Microsoft Edge. The new IE mode enables backward compatibility and will be supported through at least 2029.

More information: https://docs.microsoft.com/en-us/lifecycle/products/internet-explorer-11


CISA Recommends Users Update Google Chrome Browser

 The latest Chrome browser update brings emergency fixes for numerous high-risk vulnerabilities. US CISA urges users to update their systems at their earliest. Chrome 102.0.5005.115 is available for Desktop (Windows, macOS, and Linux) systems. Google hasn’t shared any details about the vulnerabilities yet, giving users more time to update systems safely. Thankfully, both Google and CISA did not mention anything about the active exploitation of the bugs. The bugs may severely impact the users’ devices upon exploitation.

More information: https://www.cisa.gov/uscert/ncas/current-activity/2022/06/10/google-releases-security-updates-chrome


Interpol Arrests Crime Ring of Social Engineers

 An international law enforcement operation, codenamed 'First Light 2022,' has seized 50 million dollars and arrested thousands of people involved in social engineering scams worldwide. The operation was led by Interpol with the assistance of police in 76 countries and focused on social engineering crimes involving telephone deception, romance scams, business email compromise (BEC) scams, and related money laundering. The FTC says that people in the US have lost $547 million to romance scams in 2021 and the FBI reports that BEC scams have led to almost $2.4 billion in reported losses.

More information: https://www.interpol.int/News-and-Events/News/2022/Hundreds-arrested-and-millions-seized-in-global-INTERPOL-operation-against-social-engineering-scams


Ransomware Gang Creates Site for People to Search for their Stolen Data

 The ALPHV/BlackCat ransomware gang, aka BlackCat, has created a dedicated website that allows employees and customers to check if their data was stolen during an attack on a hotel and spa in Oregon. As part of the attack, the gang claims to have stolen 112GB of data, including employee information, such as Social Security Numbers, for 1,500 employees. Security analyst Brett Callow, who discovered this new extortion strategy, said that while it is innovative, it is too early to tell if it will pay off.

More information: https://www.itworldcanada.com/post/ransomware-group-builds-site-for-victims-to-search-for-their-stolen-data

DownThem DDOS Service Owner Receives 2 Year Prison Sentence

 Matthew Gatrel, 33, was sentenced to two years in prison for operating a DDoS platform that allowed threat actors to conduct over 200,000 attacks. The FBI led the law enforcement operation with international assistance from the United Kingdom National Crime Agency and the Dutch Police. Gatrel offered expert advice to customers of both services, providing guidance on the best attack methods to “down’ different types of computers, specific hosting providers, or to bypass DDoS protection services," explained the Department of Justice press release.

More information: https://www.justice.gov/usao-cdca/pr/illinois-man-sentenced-2-years-federal-prison-operating-subscription-based-computer

What is Essential Eight

 In 2017, The Australian Cyber Security Center published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. Starting in June of 2022, all non-corporate Commonwealth entities (NCCEs) will be required to comply with the Essential Eight. The Essential Eight is a cyber security framework that is made up of objectives and controls (with each objective including multiple controls) Maturity Level 0 indicates that the organization is not at all secure. Maturity Levels 1 provides a basic level of protection, while Maturity 3 has requirements that are far more stringent.

More information: https://www.cyber.gov.au/acsc/view-all-content/essential-eight


 How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats

The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.

 More information: https://blacksite.solutions/products

 Please contact us and we’ll be glad to assist you.

 Become invisible, become secure.