From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, December 4th, 2024, and these are your cybersecurity headlines.
President Joe Biden’s administration is intensively addressing breaches of multiple U.S. telecommunications providers by the China-backed hacking group, Salt Typhoon. Despite daily meetings of a special White House response group and collaboration with affected telecoms, the hackers remain entrenched, leaving many Americans vulnerable to surveillance. The intrusion, which began in the spring and was publicly acknowledged in October, has targeted high-profile individuals and accessed extensive communications data. The administration emphasizes the need for collaboration between telecoms, cybersecurity firms, and international partners to mitigate further damage and suggests that new security mandates may be necessary to prevent future breaches.
Individuals affected by a data breach at Hilb Group can claim up to $5,000 from a $1.6 million settlement by providing proof of losses, such as receipts. The breach, occurring between December 1, 2022, and January 12, 2023, exposed sensitive information, including Social Security numbers and financial data. Hilb Group denies wrongdoing but agreed to the settlement. Claimants must file by December 13, 2024.
New York State imposed fines totaling $11.3 million on auto insurers Geico and Travelers Indemnity for cybersecurity lapses that led to data breaches affecting 120,000 individuals during the COVID-19 pandemic. Hackers accessed Geico’s online quoting tool, stealing personal data of approximately 116,000 people starting in 2020. In a separate incident, hackers infiltrated Travelers’ quoting tool, exposing data of around 4,000 people over seven months in 2021. Both companies violated the Department of Financial Services’ cybersecurity regulations and are mandated to implement cybersecurity improvements.
Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC), warned that Britain is increasingly vulnerable to cyberattacks and complacent about threats from hackers. National defenses have not kept pace with rising hostile activities from countries like Russia and China. Organizations have largely failed to follow NCSC guidance, widening the gap between threats and defenses. Recent cyberattacks have disrupted services in sectors such as healthcare and transportation, with most incidents being ransomware attacks dominated by Russian groups.
Cybersecurity firm CrowdStrike increased its annual revenue and profit forecasts due to growing demand for cybersecurity services amid rising online threats. After surpassing third-quarter revenue expectations, CrowdStrike anticipates annual revenues between $3.92 and $3.93 billion, exceeding previous estimates. The company also expects adjusted annual earnings per share to reach between $3.74 and $3.76. Despite a slight dip in stock prices due to quarterly revenue projections, CrowdStrike’s customer engagement packages have strengthened client relationships.
Google Chrome users are being cautioned about the prevalence of scam websites appearing in search results. Google is developing an AI-powered tool called “Store Reviews” to provide summaries of third-party reviews from cybersecurity companies, aiding in the identification of fraudulent sites. In the meantime, users are advised to be vigilant by not clicking on suspicious links, verifying website URLs, checking for “https,” researching ads before clicking, and avoiding “Sponsored” listings that might be scam fronts. Common scams include non-delivery, non-payment, auction fraud, and gift card fraud.
Cybersecurity firm McAfee has identified 15 malicious apps, collectively downloaded by at least 8 million Android users, which pose significant security threats. These “SpyLoan” apps entice users with promises of quick loans but instead extract sensitive information and gain access to other apps on the device, leading to potential extortion, harassment, and financial loss. Despite some apps being removed from the Google Play Store, developers have updated others, allowing them to persist. Users are advised to delete these apps, scrutinize app developers, review permissions, and read user reviews before downloading new applications.
Netflix users are being warned about a cyber scam involving fraudulent messages that aim to steal financial information. Scammers send fake SMS texts claiming issues with Netflix accounts, directing recipients to confirm their details via a phishing website. These messages are designed to collect personal information, including login credentials and credit card details, which are then sold on the dark web. Users are advised to be cautious, as Netflix does not contact customers via text with verification links, and to avoid clicking on suspicious links, instead manually entering website URLs.
Interpol, in collaboration with Afripol, conducted Operation Serengeti from September 2 to October 31, 2024, across 19 African countries, resulting in the arrest of 1,006 individuals involved in cybercrimes such as ransomware, business email compromise, digital extortion, and online scams. The operation identified over 35,000 victims and linked the criminal activities to nearly $193 million in financial losses worldwide. This coordinated effort underscores the increasing volume and sophistication of cybercrime attacks and highlights the importance of international cooperation in combating such threats.
And those are your headlines for the week. Thank you again for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite podcast platform so you never miss an update. If you liked the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit SkyhighSecurity.com.
Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print.