New Episode Alert EP117

Are you posting your senior pictures on Facebook? 🙈

April 20, 2020

Weekly Blaze PodcastEpisode 117April 20, 2020

Zoom Hacked AccountsNorth Korean HackersFacebook Senior Pictures

With all of us working from home, including the rest of our family, it's easier than ever to constantly be checking our mobile devices for the latest on what's going on in the news or with our friends. But there also comes a time for a break, and boy do we need a break from what's going on right now, right? And to give you and your family a break, put down the devices and bring back the conversations and interactions we all need to stay connected to each other. That's why I recommend using a Silent Pocket faraday bag as an easy way to put the devices away while we reconnect with the people that matter most, our family. Silent Pocket faraday bag's block all wireless signal so you don't even have to power off your devices. And right now you can take 15% off your order by using discount code "sharedsecurity" at

silentpocket.com

. Get your faraday bag today, and bring back those important face to face conversations.

Over 90% of individuals show risky behavior in handling potential phishing messages according to Click Armor's free

CanIBePhished.com self-assessment

. This engaging coronavirus edition of CanIBePhished.com can help identify your teams total vulnerability to phishing attacks that exploit the pandemic situation. So test your own vulnerability to phishing attacks for free now at

CanIBePhished.com

Over 500,000 Zoom accounts sold on hacker forums, the dark web

There was more bad news this past week for Zoom as reports from cybersecurity intelligence firm,

Cyble

, confirmed that

over 500,000 Zoom accounts are being sold on the dark web and various hacker forums

. Many of these accounts are being sold for less than a penny each and sometimes even given away for free. Not surprisingly, these hacked accounts are gathered through credential stuffing attacks where stolen credentials from previous data breaches are used to target a particular service, and this one just happens to be Zoom. From reports it appears these hacked Zoom accounts are being used in the latest Zoom-Bombing craze, while others may be used in order to obtain access to "paid" Zoom accounts which allows many more features than the free version of Zoom. Zoom responded to reports stating that they are working to analyze these password dumps for Zoom credentials and to notify affected users to change their passwords.

Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000

In other Zoom related news,

according to a report from Motherboard

, two zero-day exploits for the Zoom Windows and macOS clients are currently be sold for $500,000 by exploit brokers. Zero-day vulnerabilities are highly lucrative in the exploit market because the vulnerabilities are unknown to the vendor and that there is no patch. Historically, nation-states are common customers when it comes to purchasing Zero-day exploits because of the power that they hold to compromise adversaries. Zoom in particular is a massive target right now because of the increase in the software's popularity due to the COVID-19 pandemic. So should you be worried if you use Zoom? No, not really unless you believe you may be targeted by a large nation-state. For the rest of us though, it's perfectly fine to use Zoom for normal business and conversations with our friends and family.

US offers $5 million reward for information on North Korean hackers

The United States is offering a $5 million dollar reward for any information on North Korean hackers and their ongoing efforts to disrupt the international financial system. The reward was issued last week

in a joint report

released by the Departments of State, Treasury, Homeland Security, and the FBI. These organizations are warning that North Korea has increasingly relied on cybercrime to generate revenue for its weapons of mass destruction and ballistic missile programs. In particular, the United States is concerned about North Korea’s malicious cyber activities, which the US government refers to as HIDDEN COBRA (all in CAPS). This is described as the capability to conduct disruptive or destructive cyber activities affecting critical infrastructure in the US. Observed tactics from North Korea include everything from attacks and thefts from banks and cryptocurrency exchanges, extortion campaigns, as well as cryptojacking operations where North Korean hackers have compromised servers across the world to mine cryptocurrency. This report also reminds the world that North Korea has been behind many high profile cyber incidents in the past including the infamous hack of Sony Pictures back in 2014, which was in retaliation for the movie "The Interview", and the Wannacry ransomware which infected hundreds of thousands of computers in over 150 countries. These are just two examples out of a large list of other incidents. So what are these agencies asking from this report? First, if you're a business or organization in the financial sector you need to be aware of this latest threat and that you should be reporting suspected North Korean cyber incidents to the authorities. Next, make sure you're implementing and promoting cybersecurity best practices, and for banks specifically, improve anti-money laundering procedures and other compliance countermeasures. Check out our show notes to see the full report for further details.

Have you shared your old senior photo on Facebook? Hackers may be using your post against you.

If you're like me, you've seen a large increase in Facebook friends posting their senior pictures in support of the class of 2020 who, unfortunately, may not have a traditional in person graduation ceremony this year due to the COVID-19 pandemic. And while this may seem fun and gives us something to entertain us while stuck in quarantine,

many of these Facebook posts come with other personal details that could be used against you

. For example, I've seen people noting things like their date of birth, city of birth, and other personal details which could be used by someone else maliciously. Given that most people fail to change default or set stronger privacy settings in Facebook, a lot of this information may be publicly available for anyone to view. And if you become a target for a scam or fraud, your personal information is now much easier to find. Posts with senior pictures are also just the tip of the iceberg though. I've also seen a huge increase in "personal lists" that are trending on Facebook as well. These lists include asking to post details of the make and model of cars you've owned, favorite athletes, and your top 10 favorite TV shows, to name a few.

So what's the problem? Well these answers are commonly used in password reset or security questions that you're asked to fill out for many sites and services that you use on the Internet. In fact, as part of a talk that frequent guest Kevin Johnson and I did at the DEF CON hacking conference in 2009, we conducted an experiment by posting a quiz on Facebook which asked for "25 Random Things About You". These "random things" questions may seem innocent but were actually password reset questions that we pulled off of Yahoo Mail that are asked for when resetting the password for your email account. This is why I suggest putting in fake or made up information to the answers for security questions. The first thing attackers do is look for any publicly available information about you so if you happen to publicly post a lot on Facebook, this information is easy to view and harvest with automated tools that many scammers and attackers use to gather this information. This is why you need to be careful what personal details you post, and if you do, change your privacy settings to "friends only". I realize that this may be a bit too paranoid for some, and that’s OK. Everyone is going to have a different level of risk associated with what they post on Facebook. And if you're looking for an easy way to see what the recommended Facebook privacy settings should be, check out our guide which you can download for free at

sharedsecurity.net/facebook

MarchMonthly ShowEpisode 98In episode 98 of our monthly show co-host Scott Wright shows us a demo of Click Armor which is a gamified cybersecurity awareness platform, Tom presents the results of our listener survey, and we have a discussion about the privacy concerns with geofence warrants.

Watch this episode on our YouTube Channel!

Thank you to our sponsor

Silent Pocket!

Take advantage of this exclusive offer and help support this podcast!

Visit

silent-pocket.com

to shop Silent Pocket's great line of privacy focused products.