Concern over rise in number of phishing attempts: Dropbox breach of 130 GitHub repositories claimed as latest victim

Phishing attacks are becoming more and more frequent in the tech space, with Dropbox becoming the latest in the number of phishing victims. On October 13, one such phishing email posing as a WebAuth CircleCI DevOps integration platform (which allows users to enter their GitHub login credentials) tricked a Dropbox employee into providing their login information. Once obtained, the employee was prompted to use their hardware authentication key to send a one-time password to the attack site, thus opening up the door for the attacker to raid GitHub’s repositories. Dropbox was notified of the breach on October 14. Although the attacker was able to access 130 GitHub repositories, Dropbox has since verified that no customer account or payment information was compromised.

The breach did, however, give the attacker access to a company employee and business contact names and email addresses. The attacker also managed to breach internal developer tools, such as API keys. Dr. Eric Cole, an advisory board member at Theon Technology, thinks that there may be a greater impact of these breaches than there may initially seem: “A repository can be very large…so saying 130 repositories is very vague and it can be a large amount of information. Since repositories contain a lot of data, it also raises a flag when the company says no sensitive data was compromised.”

Dropbox has said that going forward, it will be adding phishing-resistant MFAs like WebAuthn, which has advanced browser-based verification features. Yet there is still increasing concern as phishing attacks seem to have expanded into multi-factor authentication (MFA) methods as well. Companies that have already onboarded MFA methods have reported that phishing attempts now seem also to include SMS phishing and social engineering phone calls.

Mika Aalto, Co-Founder and CEO at Hoxhunt, says that these MFA phishing bots will only “get smarter and more dangerous with advances in technology like AI.”

Read: https://www.cpomagazine.com/cyber-security/dropbox-security-breach-leads-to-compromise-of-130-github-repositories/

Robert McElvaine wants newspapers and the media to choose sides in this election

Professor McElvaine penned an op-ed essay for the Los Angeles Times in which he claimed that the media are “failing Americans” by insisting on treating all political parties equally.

McElvaine argued in the op-ed that the United States is in the “final stages of the most vital election for the survival of the American experiment since 1864” and that the media bear responsibility for preserving America’s future from “right-wing” radicals.

“America’s future relies on the defeat of the right-wing extremist authoritarians who have grabbed the name of Lincoln’s party,” he said. “If we lose, news organizations and journalists with a distorted sense of ‘balance,’ ‘neutrality,’ and ‘nonpartisanship’ will shoulder disproportionate blame.”

He also chastised the media for failing to effectively criticize conservatives for pushing concepts that are “increasingly reminiscent” of Hitler’s rise to power.

Surprisingly, McElvaine’s op-ed published just after a Media Research Center research indicated that Republicans received far more negative news coverage than Democratic candidates in the months preceding the midterm elections.

Read: https://www.zerohedge.com/political/los-angeles-times-op-ed-says-press-failing-americans-treating-both-parties-equally


Man who had $3.36 billion in Bitcoins stashed in his home, found by the police

According to the US Department of Justice, James Zhong was in possession of $3.36 billion in bitcoin that had been illegally purchased on the dark web marketplace Silk Road more than a decade ago. Zhong admitted to perpetrating wire fraud in September 2012 on November 4 and now faces up to 20 years in jail.

The 50,676 bitcoins were discovered in an underground floor safe and on a single-board computer stashed under linens in a popcorn tin in a bathroom closet, among other locations. The seizure marks the greatest financial seizure by the US DOJ overall and the largest cryptocurrency seizure by the department.

Silk Road was founded in 2011 by the then-anonymous “Dread Pirate Roberts.” (later revealed to be Ross Ulbricht). It was well-known for bitcoin drug trafficking and money laundering. The US government had taken down the Silk Road by 2015, and Ulbricht had been unanimously convicted and sentenced to life in prison.

Read: https://techcrunch.com/2022/11/07/us-doj-announces-seizure-of-3-36b-in-cryptocurrency/

FTC cracks down on Twitter data privacy violations under Biden’s new effort to regulate consumer privacy in tech

This past May, Twitter and the US Federal Trade Commission (FTC) arrived at a mutual agreement that allowed the latter to strictly monitor Twitter’s data privacy activity for the next two decades. The settlement followed a $150M fine on Twitter after the company sold users’ phone numbers to advertising agencies to target users’ ads. The phone numbers had been provided for securing 2FA authentication and had been sold without users’ knowledge or consent. The FTC has since said that it is on high alert for any further data privacy violations by the company.

This does not bode well for Elon Musk, who bought Twitter after May’s settlement at a whopping $44B—an amount that Musk himself said was “obviously overpaying” for a company consistently down in profits. Musk’s new strategy to increase Twitter’s revenue is heavily dependent on an advertisement, though this directly clashes with Joe Biden’s latest crackdown on consumer privacy in the tech sector. It has been speculated that up to 90% of Twitter’s revenue comes from advertising alone.

While ad tech groups claim that data collection and targeted ads are a necessary part of the ecosystem of free and open internet, the FTC is debating whether or not it should enact a wide range of privacy regulations on the tech sector for commercial surveillance purposes. “Twitter does adtech today, but if Elon wants to get more aggressive and not let people opt-out to try to squeeze more revenue from it, then they could get in trouble,” said Justin Brookman, former policy director at the FTC’s office of technology research and investigation.

Another former FTC official has stated that the commission will be closely monitoring Elon Musk’s Twitter account for any hint of new potential privacy abuses or other means of deceptive conduct. “We want to see bad actors face real consequences, and to do so, we are holding corporate leadership accountable,” said Stephanie Nguyen, the FTC’s chief technologist.

As part of May’s settlement, Twitter agreed to the odd periodic independent audit. Twitter’s next audit is scheduled for the summer of 2023.

Read: https://www.politico.com/amp/news/2022/11/03/twitters-elon-musks-ftc-00065076

Japan joins NATO cyberwarfare center In obvious move to provoke Russia

Japan has joined NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE), infuriating Moscow. The CCDCOE was founded in 2008 due to several significant cyberattacks that had crippled Estonia the year before and caused weeks of unrest therein. The attacks were carried out by hackers identified as being from Russia.

Defense Minister Seiichi Hamada formally confirmed the decision on Friday. “After the conclusion of participation procedures, JMOD will formally join the operations of NATO Cooperative Cyber Defence Centre of Excellence.” “JMOD will continue to engage with foreign partners to respond to cyber threats,” the MoD stated in a brief tweet.

Japan is the latest US ally to join the center and will be a contributing participant with other non-NATO nations such as Australia and South Korea. The CCDCOE, based in Estonia, is involved in various cyber-defense research, training, and exercises that span four key areas: technology, strategy, operations, and law.

Only a few months had passed since it was decided that Ukraine should be counted as a contributing partner before Japan changed its formal stance with the CCDCOE. The actions will aid in developing and strengthening a democratic alliance against the growing cyber threat posed by autocracies such as Russia, China, and North Korea.

Read: https://www.infosecurity-magazine.com/news/japan-joins-key-nato-cyber-agency/

Elsewhere Online:

Hackers from Russia are distributing abortion records on the dark web
Read: https://www.vice.com/en/article/5d3435/russian-hackers-abortion-records-dark-web

Private vulnerability reporting is now available for public repositories on GitHub
Read: https://www.securityweek.com/github-introduces-private-vulnerability-reporting-public-repositories

Spanish tax agency, Agencia Tributaria, is the target of a brand new phishing campaign
Read: https://blog.avast.com/phishing-spain-tax-agency

A man is arrested in Ontario on suspicion of involvement in the LockBit ransomware
Read: https://www.infosecurity-magazine.com/news/man-arrested-canada-for-lockbit/

A White House cyber official calls for a more flexible NATO to combat cyber threats
Read: https://www.cyberscoop.com/white-house-cyber-official-nato-cyber-defense/