32. It's Scary What Kids Can See Online

Here are some ways to see if your kid is doing things and visiting sites you don’t want them to
UPDATE to last week's Headlines:
Kaseya's universal REvil decryption key, leaked on a hacking forum by a poster who is believed to be affiliated with the REvil ransomware gang, tests successfully.
  • On July 22nd, Kaseya obtained a universal decryption key for the ransomware attack from a mysterious "trusted third party" and began distributing it to affected customers.
  • Before sharing the decryptor with customers, CNN reported that Kaseya required them to sign a non-disclosure agreement, which may explain why the decryption key hasn't shown up until now.
On July 13, CrowdStrike successfully detected and prevented attempts at exploiting the PrintNightmare vulnerability from Cogni and Magniber Ransomware groups, all in South Asia, protecting customers before any encryption took place. They have seen almost 600 submissions in the last 30 days (July 12-Aug 12th). Also, Vice Society ransomware, which targets small and midsize schools.

This Week's Security Tip:
It’s scary what kids can see online. Here are some little-known ways to see if your kid is doing things and visiting sites you don’t want them to:
  1. They’ve deleted their browsing history. What are they hiding?
  2. The ads showing up are questionable. Marketers use retargeting to get you to come back to their websites. So if you’re seeing ads that make you go “hmmmm,” that’s a sign they’ve been visiting those sites.
  3. They hide when using the device. A good rule of thumb is NO devices in bedrooms, or in any room that is not out in the open.

Today's Headlines:
On Tuesday, just over $600 million in cryptoassets were stolen from Poly Network, a system that allows users to transfer digital tokens from one blockchain to another. The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. He then sent multiple transactions to the same with text embedded in each transaction; he included a Q&A explaining his motives, including the line "why hack? For fun 😊".

SentinelOne has detected another AdLoad malware variant that went undetected by Apple's YARA signature-based XProtect built-in antivirus for at least 10 months and is currently still undetected. Variations of this strain have been detected since 2017, and it is used to deploy various payloads, mostly adware and PUAs (potentially unwanted apps), and to harvest system info.
  • To put things into perspective, Shlayer, another common macOS malware strain that has also been able to bypass XProtect before and infect Macs with other malicious payloads, has hit over 10% of all Apple computers monitored by Kaspersky.

Next Week's Teaser:
NEVER use the same password twice

Call to Action:
Book a 10-minute Discovery Call right now. I’ll ask some key questions and give you a quick score. If you’re doing everything right, you can sleep better at night. If there’s room for improvement, we’ll discuss options. NO PRESSURE, NO STRINGS. JUST BOOK THE CALL!