This is your easyDNS #AxisOfEasy Briefing for the week of June 10th, 2024 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey Tweets, and Len the Lengend click here.

In this issue:

• Canada’s Cybercrime Response Critically Deficient, Auditor General Finds
• Trudeau Defends Controversial Bill C-63: Aimed at Curbing Online “Misinformation” and “Hate Speech”
• UK and Canada Investigate Major Data Breach at 23andMe Affecting Millions
• Microsoft Urges Immediate Patching of Critical MSMQ Bug Allowing Remote Server Takeover
• Criminal IP Launches Fraud Detection Data Products on Snowflake Marketplace

Elsewhere Online

• Scattered Spider Joins RansomHub, Leaving BlackCat Behind
• Takedown in Ukraine: Hacker Working with LockBit & Conti Ransomware Apprehended
• Update Now! Google Pixel Firmware Flaw Actively Exploited
• TellYouThePass Ransomware Hits Unpatched PHP Systems
• Hackers Target Cloud Servers to Mine Dero Cryptocurrency in Stealthy Cryptojacking Campaign

Canada’s Cybercrime Response Critically Deficient, Auditor General Finds

Canada’s federal agencies are failing to combat cybercrime effectively, according to Auditor General Karen Hogan’s recent report. The audit, released on Tuesday, assessed the Royal Canadian Mounted Police (RCMP), the Communications Security Establishment (CSE), and the Canadian Radio-television and Telecommunications Commission (CRTC).

“Without prompt action, financial and personal information losses will only grow,” warned Hogan.

Between 2021 and 2023, the CSE mismanaged nearly half of the 10,850 reports it received by not redirecting them appropriately. The RCMP struggled with tracking and staffing issues, with nearly a third of its cybercrime unit positions vacant as of January 2024. This hindered their ability to manage and investigate cybercrime effectively.

Despite $531 million in fraud losses reported in 2022, only 5-10% of cybercrimes are reported, highlighting severe underreporting issues. The RCMP’s National Cybercrime Co-ordination Centre often failed to relay critical information to domestic agencies.

The CRTC, responsible for addressing online scams, faced criticism for not forwarding serious cases, including child exploitation reports, to law enforcement. Public Safety Minister Dominic LeBlanc announced a new cybersecurity strategy, promising a comprehensive approach to enhance Canada’s cyber defenses. All relevant agencies accepted the report’s recommendations, acknowledging the urgent need for improved coordination and response mechanisms.

(TBH, this is probably true of every country’s cybercrime readiness)

Read: https://metro.co.uk/2024/06/04/att-verizon-outage-unable-call-911-20972720/?ITO=msn

Trudeau Defends Controversial Bill C-63: Aimed at Curbing Online “Misinformation” and “Hate Speech”

Last week, Prime Minister Justin Trudeau advocated for the Online Harms Act (Bill C-63) in Canadian Parliament, aiming to combat “misinformation” and “hate speech” online. Trudeau emphasized the urgency of equipping the government with tools to “protect people,” labeling the situation as dire.

Critics argue the bill represents overreach, allowing pre-emptive punishments and retroactive penalties for potential “hate speech” and “hate propaganda.” “New legislative methods of protecting people from misinformation are needed,” Trudeau stated in a New York Times podcast interview.

Bill C-63 is controversial for its stringent measures. It proposes severe penalties, including house arrest and internet bans for individuals deemed likely to commit hate crimes in the future.

Civil rights advocates warn that the bill blurs the line between safety and censorship, potentially leading to government abuse. They argue it could criminalize speech and actions not yet committed, invoking concerns about “pre-crime.”

The bill also seeks to amend the Criminal Code and the Canadian Human Rights Act, introducing penalties up to life imprisonment for hate crimes linked with other offenses. If passed, those violating the hate speech provisions could face fines up to $51,000.

Read: https://reclaimthenet.org/trudeau-pushes-online-censorship-bill-to-protect-people-from-misinformation

UK and Canada Investigate Major Data Breach at 23andMe Affecting Millions

The U.K.’s Information Commissioner’s Office (ICO) and the Office of the Privacy Commissioner of Canada (OPC) announced on Monday a joint investigation into the 23andMe data breach from last year. This collaboration aims to leverage the combined resources and expertise of both agencies.

In 2023, 23andMe experienced a significant security incident impacting the genetic and ancestry data of 6.9 million users. The company disclosed that hackers infiltrated approximately 14,000 accounts using a technique called password spraying and then scraped data from millions more due to an opt-in feature called DNA Relatives.

The breach, undetected for five months, exposed personal details including names, birth years, ancestry reports, and shared DNA percentages. The company became aware of the breach in October 2023, after hackers posted the stolen data on various forums.

ICO Commissioner John Edwards emphasized the importance of trust, stating, “People need to trust that any organization handling their most sensitive personal information has the appropriate security and safeguards in place.” The joint investigation will assess the adequacy of 23andMe’s safeguards and their notification to the authorities. 23andMe has pledged cooperation with the inquiry. This breach has highlighted significant concerns about the protection of sensitive genetic data on a global scale.

Read: https://techcrunch.com/2024/06/10/uk-and-canada-privacy-watchdogs-investigating-23andme-data-breach/?guccounter=1

Microsoft Urges Immediate Patching of Critical MSMQ Bug Allowing Remote Server Takeover

On Tuesday, Microsoft released its June 2024 Patch Tuesday update, addressing 49 vulnerabilities, including a critical issue in Microsoft Message Queuing (MSMQ) technology. The flaw, identified as CVE-2024-30080, carries a CVSS score of 9.8 and could allow attackers to completely take over servers through remote code execution (RCE).

This MSMQ bug requires no user interaction or special privileges to exploit. Hackers can compromise servers by sending a malicious MSMQ packet to systems with TCP port 1801 open. Tyler Reguly, associate director of security R&D at Fortra, highlighted the risk, noting over a million exposed hosts and predicting quick integration into exploit frameworks.

Microsoft advises organizations to promptly check for the running ‘Message Queuing’ service and ensure port 1801 is secured. Other critical vulnerabilities include CVE-2024-30103 in Microsoft Outlook, exploitable through the Preview Pane, and CVE-2024-30089 in Microsoft Streaming Services, which enables attackers to gain system-level access.

The update also addresses numerous elevation-of-privilege (EoP) flaws, which are crucial for attackers seeking deeper system control. Ben McCarthy, lead cyber security engineer at Immersive Labs, warned that patching these vulnerabilities is vital due to their potential to grant attackers full system access. Immediate action on these patches is essential to prevent potential exploits and system compromises.

Read: https://www.darkreading.com/vulnerabilities-threats/critical-msmq-rce-bug-microsoft-servers-complete-takeover

Criminal IP Launches Fraud Detection Data Products on Snowflake Marketplace

AI SPERA has launched its fraud detection data products from the Criminal IP search engine on the Snowflake Marketplace. Announced this week, this offering aims to enhance cybersecurity by leveraging Snowflake’s cloud-based platform.

Criminal IP’s datasets focus on identifying and mitigating fraudulent activities. They provide insights into malicious IP addresses involved in activities like malware, phishing, and ransomware, as well as servers infected by botnet and command-and-control (C2) software. “Our goal is to empower organizations with actionable intelligence to combat fraud and enhance privacy,” said Criminal IP’s spokesperson.

The products also include capabilities for detecting IP addresses using masking services such as VPNs and proxies, which are crucial for real-time fraud detection and incident response. These tools assist organizations in improving their security measures and managing incidents effectively.

AI SPERA’s Criminal IP Intelligence for Fraud Detection and Privacy Protection integrates with Snowflake, offering detailed, real-time threat intelligence. Organizations can access a free trial for up to 1,000 data items with subscription options for ongoing updates.

Criminal IP’s collaboration with over 40 global security firms enhances its robust datasets. The launch expands AI SPERA’s global reach, enabling companies to safeguard digital assets and streamline their response to security threats.

Read: https://hackread.com/criminal-ip-fraud-detection-data-snowflake-marketplace/

Elsewhere Online

Scattered Spider Joins RansomHub, Leaving BlackCat Behind

https://www.infosecurity-magazine.com/news/scattered-spider-affiliated/

Takedown in Ukraine: Hacker Working with LockBit & Conti Ransomware Apprehended

https://www.darkreading.com/cyberattacks-data-breaches/lockbit-and-conti-ransomware-hacker-busted-in-ukraine

Update Now! Google Pixel Firmware Flaw Actively Exploited

https://www.securityweek.com/google-warns-of-pixel-firmware-zero-day-under-limited-targeted-exploitation/

TellYouThePass Ransomware Hits Unpatched PHP Systems

https://www.darkreading.com/vulnerabilities-threats/tellyouthepass-ransomware-exploits-critical-php-flaw

Hackers Target Cloud Servers to Mine Dero Cryptocurrency in Stealthy Cryptojacking Campaign

https://thehackernews.com/2024/06/cryptojacking-campaign-targets.html