Tech Friday with Dave Hatter - June 11th 2021 - SPONSORED BY INTRUST IT


Microsoft fixed 50 bugs for June 2021 Patch Tuesday:

  • Microsoft released patches for 50 security issues, including six zero-day vulnerabilities that are being actively exploited
  • The issues corrected include remote code execution (RCE), denial-of-service, privilege escalation, and memory corruption
  • 5 of the vulnerabilities are considered critical, 45 are deemed important
  • The patches cover a wide array of Microsoft products including Microsoft Office, Outlook, Edge, SharePoint and .NET Core & Visual Studio
  • This is one of the smaller batches of patches released this year
  • "While these vulnerabilities have already been exploited in the wild as zero-days, it is still vital that organizations apply these patches as soon as possible. Unpatched flaws remain a problem for many organizations months after patches have been released" cybersecurity company Tenable said
  • Get the details here: https://msrc.microsoft.com/update-guide/releaseNote/2021-Jun
  • Other important updates include:
    • Google released critical updates for Chrome and Android
    • Adobe released a critical update

Criminals busted with global messaging app trap:

  • Several global law enforcement agencies including the FBI, the Australian Federal Police (AFP), New Zealand police and Europol began collaborating on "Operation Ironside" in 2018
  • During that time, an encrypted messaging app used for communication between criminals was secretly monitored by the FBI and AFP
  • The app, known as ANoM, is only accessible on phones bought through the black market
  • These phones had the ability to make calls or send emails removed and could only send messages to another phone with the ANoM app
  • The AFP said "The devices organically circulated and grew in popularity among criminals, who were confident of the legitimacy of the app because high-profile organized crime figures vouched for its integrity"
  • Unfortunately for the criminals, ANoM was part of a worldwide sting called operation "Trojan Shield"
  • The FBI had access to ANoM and could read the messages being sent
  • The FBI provided over 12,000 devices to more than 300 criminal syndicates over 100 different countries with about
  • "ANOM's distributors, administrators and agents had so much confidence in the secrecy of their devices that they openly marketed them to other potential users as designed by criminals for criminals" said Randy Grossman, the acting U.S. Attorney for the Southern District of California
  • Recently released court documents showed that ANoM was provided to San Diego FBI agents by the developer in return for a reduced sentence on charges he faced
  • Criminals openly discussed crimes on the app including hits on each other
  • "The results are staggering" FBI Assistant Director Calvin Shivers said
  • Europol said police from a total of 16 countries carried out raids based on information captured through these phones, leading to hundreds of arrests and tens of millions of dollars in asset seizures
  • "Essentially, we have been in the back pockets of organized crime and operationalized a criminal takedown like we have never seen" AFP Commissioner Reece Kershaw said
  • Kershaw said there are other encrypted communication apps law enforcement is working to access

Department of Justice seizes $2.3 million in cryptocurrency paid as ransom in Colonial Pipeline attack:

  • The Department of Justice (DOJ) announced that it seized 63.7 bitcoins (roughly $2.3 million at current value) from the DarkSide ransomware gang
  • This represents a large portion of the ransom payment made by Colonial Pipeline when hit with ransomware, which caused the company to take portions of its infrastructure out of operation
  • Colonial Pipeline told the FBI that it had paid a ransom of approximately 75 bitcoins
  • By reviewing the Bitcoin public ledger, the FBI tracked multiple transfers of bitcoin and identified that approximately 63.7 bitcoins were transferred to a specific address for which the FBI has the "private key"
  • That key (think of it as a password) allowed them to access the bitcoin stored there
  • FBI Deputy Director Paul Abbate said "There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors"
  • The effort to seize the Bitcoin was coordinated through the FBI's Ransomware and Digital Extortion Task Force, created specifically to fight growing ransomware and digital extortion attacks
  • According to DOJ, "The Task Force prioritizes the disruption, investigation, and prosecution of ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes"
  • The Task Force targets the ransomware criminal ecosystem and collaborates with domestic and foreign government agencies in addition to private sector partners to fight these threats
  • Deputy Attorney General Lisa O. Monaco said "Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide."