News

A new study from the Chartered Management Institute finds just half of firms offer regular security training

The UK’s ICO wants to fine NHS partner Advanced £6m for failures that led to a major ransomware breach

STAC6451 threat cluster targets Internet-exposed Microsoft SQL servers for initial access

Ten recommendations for defenders when natively run EDR isn’t an option

It’s possible to cancel other people’s voter registration:

On Friday, four days after Georgia Democrats began warning that bad actors could abuse the state’s new online portal for canceling voter registrations, the Secretary of State’s Office acknowledged to ProPublica that it had identified multiple such attempts…

…the portal suffered at least two security glitches that briefly exposed voters’ dates of birth, the last four digits of their Social Security numbers and their full driver’s license numbers—the exact information needed to cancel others’ voter registrations.

I get that this is a hard problem to solve. We want the portal to be easy for people to use—even non-tech-savvy people—and hard for fraudsters to abuse, and it turns out to be impossible to do both without an overarching digital identity infrastructure. But Georgia is making it easy.

Working from home has established itself as a norm. As of 2023, 35% of employed adults in the U.S. work from home all the time. Another 41% work from home at least part of the time.[i]

While working from home offers benefits to employees and employers alike, the uptick in personal devices connecting to an organization can pose security risks. That includes malware attacks, identity theft, and ransomware, not to mention out-and-out data theft.

With so many people knocking out their workdays at home, the question remains — how can everyone do it safely? Five quick tips and tools can help.

Tips to protect both personal and company data

Use a VPN.

Plenty of the things we work on are confidential. Or at least best kept within the company. A virtual private network (VPN) can help. It creates a secure tunnel of communication that shields the data traveling in it. This way, it makes it exceedingly difficult for a hacker to tap into it and see anything but encrypted data. It offers a primary way that businesses can keep their data and info private. Many organizations provide one to remote employees, yet you can also get a strong, unlimited VPN from us as part of our McAfee+ plans.

Protect yourself from phishing emails.

How do you spot phishing emails? Well, it’s getting a little tougher nowadays because scammers are getting more sophisticated. They make those phishing emails designed to steal info look increasingly legitimate. Even more so with AI tools. However, there are several ways you can spot phishing emails and phony websites. Moreover, our McAfee Scam Protection can do it for you.

Get strong, unique passwords in place.

Passwords provide an excellent line of defense. Specifically, strong, unique passwords across each of your accounts. That might sound like a tall task given the umpteen accounts we have nowadays, yet a password manager can do all that work for you. It creates and securely stores strong, unique passwords for you. A password manager comes included as part of our McAfee+ plans.

Use two-factor authentication.

Two-factor authentication is a more secure way to access work applications. In addition to a password/username combo, it asks for verification of who you are via a device that you own. Like a mobile phone, typically with a PIN sent by text or call. In this way, it uses two factors to confirm an identity. So, if your password gets compromised, it still won’t work for a hacker. They’ll still need the PIN that was sent to you. Of course, never share that PIN with anyone. Anyone who asks for it is a scammer who’s trying to crack your account.

Protect yourself all around.

Consider getting online protection software for all your devices. Today’s protection goes far, far beyond antivirus. It includes features that make your professional (and personal) life safer, with scam protection and web protection that steer you clear of sketchy sites and links. It further offers a full host of features that safeguard your identity, like credit monitoring, identity monitoring, and $2 million in identity theft coverage. Other features help keep you more private on social media and remove your personal info from data broker sites. We call it comprehensive online protection for good reason. It protects you, not just your devices.

[i] https://www.pewresearch.org/short-reads/2023/03/30/about-a-third-of-us-workers-who-can-work-from-home-do-so-all-the-time/

 

The post How to Stay Safe while Working from Home appeared first on McAfee Blog.

In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation.

With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade Dev has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.

That changed earlier this year when KrebsOnSecurity showed how Punchmade’s social media handles were promoting Punchmade e-commerce shops online that sold access to Cashapp and PayPal accounts with balances, software for printing checks, as well as personal and financial data on Americans.

The January story traced Punchmade’s various online properties to a 22-year-old Devon Turner from Lexington, Ky. Reached via his profile on X/Twitter, Punchmade Dev said they were not affiliated with the lawsuit filed by Turner [Punchmade’s X account provided this denial even though it has still not responded to requests for comment from the first story about him in January]. Meanwhile, Mr. Turner has declined multiple requests to comment for this story.

On June 26, Turner filed a pro se lawsuit against PNC Bank, alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000. PNC Bank did not respond to a request for comment.

Turner’s complaint states that a follow-up call to his bank revealed the account had been closed due to “suspicious activity,” and that he was no longer welcome to patronize PNC Bank.

“The Plaintiff is a very successful African-American business owner, who has generated millions of dollars with his businesses, has hired 30 plus people to work for his businesses,” Turner wrote.

As reported in January, among Turner’s businesses is a Lexington entity called OBN Group LLC (assumed name Punchmade LLC). Business incorporation documents from the Kentucky Secretary of State show he also ran a record label called DevTakeFlightBeats Inc.

Turner’s lawsuit alleges that bank staff made disparaging remarks about him, suggesting the account was canceled because it would be unusual for a person like him to have that kind of money.

Incredibly, Turner acknowledges that PNC told him his account was flagged for attention from law enforcement officials.

“The PNC Bank customer service representative also explained that there was a note on the account that law enforcement would be contacted at some point in time,” the lawsuit reads.

“The Plaintiff, who was not worried at all about law enforcement being involved because nothing illegal occurred, informed the PNC Bank representative that this was one big mistake and asked him what his options were,” the complaint states.

Turner’s lawsuit said PNC told him they would put a note on his account allowing him to withdraw the funds from any branch, but that when he visited a PNC branch and asked to withdraw the entire amount in his account — $500,000 — PNC refused, saying the money had been seized.

“Ultimately, PNC bank not only refused his request to release his funds but informed him that his funds would be seized indefinitely as [sic] PNC Bank,” Turner lawsuit recounts.

The Punchmade shops selling financial data that were profiled in the January story are long gone, but Punchmade’s Instagram account now promotes punchmade[.]cc, which behaves and looks the same as his older shop.

The breach tracking service Constella Intelligence finds the email address associated with Turner’s enterprise OBN Group LLC — obndevpayments@gmail.com — was used by a Devon Turner from Lexington to purchase software online. That record includes the Lexington, Ky. mobile phone number 859-963-6243, which Constella also finds was used to register accounts for Devon Turner at the retailer Neiman Marcus, and at the home decor and fashion site poshmark.com.

A search on this phone number at DomainTools shows it is associated with two domain names since 2021. The first is the aforementioned punchmade[.]cc. The other is foreverpunchmade[.]com, which is registered to a Devon Turner in Lexington, Ky. A copy of this site at archive.org indicates it once sold Punchmade Dev-branded t-shirts and other merchandise.

Mr. Turner included his contact information at the bottom of his lawsuit. What phone number did he leave? Would you believe 859-963-6243?

Is Punchmade Dev a big-time cybercriminal enabler, as his public personna would have us believe? Or is he some two-bit nitwit who has spent so much on custom medallions that he can’t afford a lawyer? It’s hard to tell.

But he definitively has a broad reach: His Instagram account has ~860k followers, and his Telegram channel has more than 75,000 subscribers, all no doubt seeking that sweet “C@sh App sauce,” which apparently has something to do with moving cryptocurrencies through Cash App in a way that financially rewards people able and willing to open up new accounts.

It’s incredibly ironic that Punchmade sells tutorials on how to have great “opsec,” a reference to “operational security,” which in the cybercriminal context means the ability to successfully separate one’s cybercriminal identity from one’s real-life identity: This guy can’t even register a domain name anonymously.

A copy of Turner’s complaint is available here (PDF).

For more on Punchmade, check out the TikTok video How Punchmade Dev Got Started Scamming.

Of the 17.8m phishing emails detected, 62% bypassed DMARC checks and 56% evaded all security layers

A new survey reveals that organizations are suffering an average of eight ransomware incidents per year and paying millions in ransom

Only 0.91% of vulnerabilities of the reported CVEs were weaponized, but represent the most severe risks