June 3, 2021

Top cybersecurity stories for the week of 5-31-21 to 6-4-21


Below are the top headlines we’ve been reporting this whole week on *Cyber Security Headlines.*

If you’d like to hear and participate in a discussion about them, the CISO Series does a live 20-minute show every Thursday at 4pm PT/7pm ET. The show is hosted by reporter Steve Prentice, and we welcome a cyber practitioner to offer some color on the week’s stories. Our guest this week is Bryan Zimmer, CISO, Humu.

If you want to get involved you can watch live and participate in the discussion on Crowdcast ([register](https://www.crowdcast.io/e/cyber-security-headlines)), or you can just [subscribe to the Cyber Security Headlines podcast](https://cisoseries.com/subscribe-podcast/) and get it into your feed.

Here are some of the stories we’ll be covering.

## Lawsuit reveals Google made it nearly impossible for users to keep their locations private

Newly unredacted documents in a lawsuit against Google reveal that the company’s own executives and engineers knew just how difficult the company had made it for smartphone users to keep their location data private. Google continued collecting location data even when users turned off various location-sharing settings, and even pressured LG and other phone makers into hiding these settings. The documents are part of a lawsuit brought against Google by the Arizona Attorney General’s office last year.

([Business Insider](https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5))

## US soldiers expose nuclear weapons secrets via flashcard apps

Flashcard learning apps, used by US soldiers tasked with the custody of nuclear weapons in Europe, have inadvertently revealed not just the bases but even the exact shelters with “hot” vaults that likely contain nuclear weapons, as well as intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened, and the unique identifiers that a restricted-area badge needs to have. Some of these have been findable since 2013. All were taken down after the researchers at Bellingcat contacted NATO and the US military.

([Bellingcat](https://www.bellingcat.com/news/2021/05/28/us-soldiers-expose-nuclear-weapons-secrets-via-flashcard-apps/))

## Rowhammer attacks show the downside of density

Rowhammer attacks were first demonstrated in 2015 by Google security researchers, showing that repeatedly accessing (“hammering”) a row of DRAM cells could cause electrical disturbance in adjacent rows and intentionally flip the bits held in memory. Now security researchers at Google have published details on a Half-Double Rowhammer attack, which takes advantage of increased DRAM density to potentially flip bits two or more rows away. Google disclosed the findings to the semiconductor engineering trade organization JEDEC, which subsequently issued stopgap mitigations. But the researchers warn that a full fix would require a change in how DRAM is engineered going forward.

([Wired](https://www.wired.com/story/rowhammer-half-double-attack-bit-flips))

## Have I Been Pwned goes open source

Security researcher Troy Hunt announced that the popular breach database service is now open source, with code hosted on GitHub. Hunt initially announced his intention to make the service’s code open source in August 2020. The non-profit .NET Foundation assisted in moving the site to an open source model. Hunt also announced Have I Been Pwned will receive compromised passwords discovered during investigations from the US FBI.

([Troy Hunt](https://www.troyhunt.com/pwned-passwords-open-source-in-the-dot-net-foundation-and-working-with-the-fbi/))

## Cyberattack forces meat producer to shut down operations in U.S., Australia – Russia suspected

Global food distributor JBS Foods suffered a cyberattack over the weekend that disrupted several servers supporting its IT systems and could affect the supply chain for some time. According to a statement by JBS USA, attackers targeted several servers supporting the company’s North American and Australian IT systems on Sunday. JBS is a global provider of beef, chicken, and pork with 245,000 employees operating on several continents and serving brands such as Country Pride, Swift, Certified Angus Beef, Clear River Farms and Pilgrim’s. JBS notified the White House that the ransom demand came from a criminal organization likely based in Russia. The White House is engaging directly with the Russian government on this matter.

([ThreatPost](https://threatpost.com/cyberattack-meat-producer-shut-down/166560/) and [The Guardian](https://www.theguardian.com/technology/2021/jun/01/jbs-meatpacking-ransomware-hack-russia-white-house))

## LinkedIn data shows Austin is biggest winner in tech migration

The Texas capital captured a net inflow of 217 software and information technology company workers per 10,000 existing ones, according to data from May 2020 to April 2021 provided by LinkedIn. That’s the best net migration rate among 35 metropolitan areas with gross tech migration of at least 2,000 LinkedIn users in the past 12 months. There’s no telling whether this will last, with many tech companies eyeing large scale return to the office policies, but for now, Austin, Nashville, Charlotte, Jacksonville and Denver are proving the most attractive places to work.

([Bloomberg](https://www.bloomberg.com/news/articles/2021-06-01/austin-is-biggest-winner-from-tech-migration-linkedin-data-show))

## The back-to-work spearphishing campaigns have begun

Researchers from Cofense Phishing Defense Center (PDC) have uncovered a phishing campaign aimed at gathering login credentials from employees by posing as the Chief Information Officer (CIO). The messages pretend to provide information about changes to business operations the company is making in response to the COVID-19 pandemic. The emails were crafted to steal company and personal credentials: they include a link to a fake Microsoft SharePoint page hosting two documents that supposedly outline new business operations. Upon clicking on the documents, victims are shown a login panel that prompts them to enter credentials to access the files. There will likely be many more stories like this in the coming weeks.

([Security Affairs](https://securityaffairs.co/wordpress/118421/cyber-crime/post-covid-19-phishing.html))
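The Cofense story above describes the two tells a mail-filtering rule can key on: a message claiming to be from a named executive while arriving from an address that is not that executive’s, and a link to a look-alike “document portal” that sits outside the company’s own domains. The following is an added illustration of such a check, written for this post and not code from Cofense or the campaign report; the executive name, the `example-corp.com` domains and the two sample messages are all constructed placeholders.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from typing import List
from urllib.parse import urlparse

# Constructed directory of executives who are common impersonation targets,
# mapped to their one legitimate sender address (hypothetical values).
EXECUTIVE_NAMES = {"jane doe": "jane.doe@example-corp.com"}
INTERNAL_DOMAINS = {"example-corp.com"}
# Words that frequently appear in credential-harvest lure URLs.
LURE_HINTS = ("sharepoint", "login", "signin")


def is_internal_host(host: str) -> bool:
    """True if host is one of our domains or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in INTERNAL_DOMAINS)


def analyze_message(raw: str) -> List[str]:
    """Return a list of human-readable risk findings for one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    findings: List[str] = []

    display_name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

    # Tell 1: display name of a known executive, but a different mailbox.
    name_key = display_name.strip().lower()
    if name_key in EXECUTIVE_NAMES and addr.lower() != EXECUTIVE_NAMES[name_key]:
        findings.append(f"display-name impersonation: '{display_name}' sent from {addr}")

    if domain and not is_internal_host(domain):
        findings.append(f"external sender domain: {domain}")

    # A Reply-To that diverges from From is another common redirection trick.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and reply_to.lower() != addr.lower():
        findings.append(f"reply-to mismatch: {reply_to}")

    # Tell 2: portal-style links hosted outside our domains.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        host = urlparse(url).hostname or ""
        if any(h in url.lower() for h in LURE_HINTS) and not is_internal_host(host):
            findings.append(f"credential-harvest lure link: {url}")
    return findings


# Constructed sample resembling the campaign described above.
SAMPLE_PHISH = """\
From: Jane Doe <jane.doe@example-corp-it.net>
To: staff@example-corp.com
Subject: Updated business operations procedures
Content-Type: text/plain; charset=utf-8

Please review the two documents on the new operations portal:
https://example-corp-sharepoint.invalid/login/docs
"""

# Constructed benign message from the real executive mailbox.
SAMPLE_LEGIT = """\
From: Jane Doe <jane.doe@example-corp.com>
To: staff@example-corp.com
Subject: Town hall recording
Content-Type: text/plain; charset=utf-8

The recording is at https://intranet.example-corp.com/townhall
"""

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, analyze_message(sample) or "no findings")
```

The executive directory and domain list are the parts that need real data; the lure-word list is deliberately short, and in production this check would sit alongside SPF/DKIM/DMARC results rather than replace them.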
