At a glance.
- Nearly 100,000 ICS services exposed to the Internet.
- BunnyLoader in the C2C market.
- Phantom Hacker scams.
- API risks.
- Cybersecurity attitudes and behaviors.
- Homeland Security IG finds flaws in TSA pipeline security regulations.
- DHS IG also finds privacy issues with CBP, ICE, and USSS use of commercial telemetry.
- Kyiv prepares for Russian attacks on Ukraine's power grid.
- Russian disinformation expected to aim at undermining US support for Ukraine.
Nearly 100,000 ICS services exposed to the Internet.
BitSight has identified nearly 100,000 industrial control systems exposed to the Internet, particularly in the education, technology, government and politics, and business sectors. The researchers note, however, that overall there’s been a steady decline in Internet-exposed ICS services since 2019. So in some respects this is actually a good-news story.
BitSight adds, “Exposed systems and devices communicating via the Modbus and S7 protocols are more common in June 2023 than before, with the former increasing in prevalence from 2020 and the latter more recently from mid-2022. However, exposed industrial control systems communicating via Niagara Fox have been trending downward since roughly 2021. Organizations should be aware of these changes in prevalence to inform their OT/ICS security strategies.”
BunnyLoader in the C2C market.
Zscaler is tracking a new malware-as-a-service offering called “BunnyLoader” that’s being sold on underground forums for a one-time price of $250. The malware “is designed to steal information related to web browsers, cryptocurrency wallets, VPNs and much more.” BunnyLoader targets cryptocurrency wallets for Bitcoin, Monero, Ethereum, Litecoin, Dogecoin, ZCash, and Tether. The researchers note that the malware “has been under rapid development” since its initial release on September 4th.
Phantom Hacker scams.
The US Federal Bureau of Investigation (FBI) has warned of an increase in “Phantom Hacker” scams targeting senior citizens. “This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target. Victims often suffer the loss of entire banking, savings, retirement, or investment accounts under the guise of ‘protecting’ their assets.” The Bureau says victims have lost over $542 million to tech support scams in the first half of 2023, with 66% of these losses from victims over 60 years old.