New Episode Alert EP126

Weekly Blaze PodcastEpisode 126June 22, 2020

Largest DDoS Attack Ever RecordedNew Dropbox Security FeaturesNorth Korean Cyber-Attacks Continue

Digital privacy is more important than ever, which is why I use a Silent Pocket faraday sleeve for my smartphone when I want to completely get off the grid. Check them out for yourself and get 15% off your order by using discount code, "sharedsecurity" at checkout right now at

slientpocket.com

.

Over 90% of individuals show risky behavior in handling potential phishing messages according to Click Armor's free

CanIBePhished.com self-assessment

. This engaging coronavirus edition of CanIBePhished.com can help identify your teams total vulnerability to phishing attacks that exploit the pandemic situation. So test your own vulnerability to phishing attacks for free now at

CanIBePhished.com

.

Before I get into this week's news, I want to provide an update on a topic I discussed on the

June 8th episode of the show

about Zoom offering end-to-end encryption for paid customers only. Well Zoom announced this week that

end-to-end encryption will be available to all users now for those with paid and free accounts

. The change came after a lot of public pressure and that they have found a way to get around the user abuse issue that they had concerns about. Zoom users with free accounts will now need to first validate their accounts through verifying phone numbers by text, or through several other methods. However, Zoom did not state what these methods are. This is great news for all Zoom users so be on the lookout for end-to-end encryption to roll out starting in July.

AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever

Now on to this week's news. First up is a story about how

Amazon has mitigated the largest Distributed Denial of Service attack (or also known as DDoS attacks) to the tune of 2.3 terabits per second which is the largest known attack ever recorded

. The attack was focused on Amazon's popular AWS infrastructure which is used by many corporations and business to host their applications and other cloud based services. Details from Amazon about the attack are sketchy, including who the targeted AWS customer was, but they did state that the attack took place back in mid-February of this year.  The attack was identified by Amazon's AWS "Shield" service and the attack was apparently carried out by using hijacked CLDAP web servers over a period of three days. CLDAP is a newer form of the older LDAP protocol which is used to connect, search, and modify Internet shared directories. The CLDAP protocol has been well abused since 2016 since these servers can greatly amplify attack traffic by 56 to 70 times its initial size. For context, the previous record for largest DDoS attack before this one was 1.7 terabits per second back in March of 2018.

If you're not familiar with what DDoS attacks are, well this is when someone sends thousands upon thousands of requests to a website or service making it completely unavailable to users. The "distributed" part of a denial of service attack means that there are multiple systems involved such as a botnet, or in this case multiple CLDAP servers. DDoS attacks are popular with nation-states, hacktivist groups, and others that look to either target a specific individual, group, or organization.  Check out our show notes for a link to

a great overview

that provides more details explaining what DDoS attacks are and what the industry is doing to prevent them.

Dropbox unveils new features: Passwords, document vault, backup

Dropbox is one of the most popular online cloud storage solutions out there today and last week Dropbox announced

several new features

that are focused on improving how Dropbox data is secured due to the recent rise in COVID-19 remote work situations. Specifically, for users of Dropbox Plus, new features now include "Dropbox Passwords" which is a cloud based password manager, "Dropbox Vault" which can add extra file level security for important or confidential documents, and "Computer backup", which will automatically back up a users' Mac or PC to Dropbox for data retrieval and hardware loss such as a failed hard drive. Dropbox said that these three new features are now available in beta to new Dropbox Plus users on mobile right now and will be made available to existing Dropbox Plus users in coming weeks. Computer backup is available for Dropbox Basic and Professional users as of right now.

I bring this up because it's really important for everyone to use some type of password manager! With the large popularity of Dropbox, this announcement makes it even easier for people that may not have had been exposed to using a password manager in the past, that much easier to start using one now. I also am a fan of having easy ways to back up your computer. Backing up your computer has always been a challenge as there are so many third-party solutions to choose from, and the backup solutions built into our operating systems are really not that great. But backups are hugely important, so it's good to see a popular service like Dropbox getting into the game.

North Korea's state hackers caught engaging in BEC scams

North Korean hackers were back in the news last week with the announcement at the ESET Virtual World security conference last Tuesday that

North Korean hackers have targeted European aerospace and military companies for proprietary or secret information

. What I found interesting about this attack was that employees were targeted through fake LinkedIn recruiters promoting made up open positions at competing companies. The victims were sent documentation to open for the fake interview which was laced with malware which of course infected their computer. Once this foothold was obtained, the interview process would cease, and the fake LinkedIn profile would be deleted. Now that the hackers had access to the company network they attempted to find accounts with weak passwords to further their access. But the attack didn't stop there. Once these hackers found what they were looking for, they attempted to scam the business partners of the compromised company using BEC or Business Email Compromise scams. In one instance the hackers had found unpaid invoices in compromised email inboxes and tried to have bank account information changed through phishing attempts. And while this recent incident may seem surprising, this is par for the course when we're talking about North Korean hackers.

In related North Korea news, Singapore, Japan, and the US are amongst six nations that may be targeted in a COVID-19 themed phishing attack that is scheduled to take place June 21st. According to reports, 8,000 organizations just in Singapore alone may be targeted and that could be up to 5 million individuals and businesses in other countries. As we all know, COVID-19 related phishing attacks and scams are running rampant. So be sure to stay vigilant as these attacks from North Korea and others show no sign of slowing down.

MayMonthly ShowEpisode 100In episode 100 of our May monthly show we discuss the history of the podcast, some of the most interesting cybersecurity and privacy news and events over the years, and speak with former guest Rachel Tobac, CEO and Co-Founder of SocialProof Security, about what she's been up to and of course the David Lynch daily weather report!We also catch up with Kathleen Smith, CMO of ClearedJobs.net and CyberSecJobs.com to talk about the current cybersecurity job market, recruiting, and the one thing you need to stop doing with your resume.

Watch this episode on our YouTube Channel!

Thank you to our sponsor

Silent Pocket!

Take advantage of this exclusive offer and help support this podcast!

Visit

silent-pocket.com

to shop Silent Pocket's great line of privacy focused products.