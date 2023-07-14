



Ransomware payments are on the rise and Google shuts out bad Android developers.

Welcome to cybersecurity today. It’s Friday, July 14, 2023. My name is Howard Solomon. In the US he is a reporter on ITWorldCanada.com and he writes about cybersecurity at TechNewsday.com.

Ransomware gangs have collected around $450 million in the first six months of the year. This is significantly higher than the same period last year. This is according to Chainaosis researchers who investigated the flow of cryptocurrency transactions to illegal web addresses. If this trend continues, researchers predict that 2023 will be his second-highest year for ransomware outbreaks. That’s 2021, when he’s put $940 million into gang-controlled IP addresses. It went down last year, but it went up this year. why? It looks like more gangs are going after bigger targets this year than they did in 2022. There has also been an increase in the number of successful attacks against small organizations.

Good news? Inflows from other crypto-related crimes, such as fraud, have dropped significantly so far this year. This suggests that the efforts of cybersecurity firms and law enforcement to go after gangs and infrastructure supporting cryptocurrency payments are paying off.

Google is taking another step to make it harder for criminals to embed malicious Android applications into the Play Store. After August 31st, anyone creating a new Play Console developer account for their organization will be required to enter a so-called DUNS number. This is a 9-digit identifier assigned by Dunn & Bradstreet. This allows Google to verify information about your business. Each app must also display details about its developer, such as, in some cases, the app’s support email address and phone number, or other verified identity information.

Threat actors have access to another free tool. According to SecurityWeek, someone has leaked the source code of BlackLotus BookIt for Windows on his GitHub platform. This bootkit can be used to load unsigned drivers. However, one advantage of having access to the code is that it allows security researchers to better understand how the code works.

Administrators using the Cisco Systems SD-WAN vManage application are advised to update it to the latest version. This eliminates a serious vulnerability that could allow an attacker to obtain or modify configuration information.

Finally, government promises are meaningless without an implementation plan. That’s why Thursday’s announcement by the White House of the implementation plan for the US National Cybersecurity Strategy is so important. The strategy was announced in March. An implementation plan gives federal agencies a timeline for completing actions. For example, an update to the US National Cyber ​​Incident Response Plan is scheduled for the end of 2024. The plan will include clear guidance to third parties regarding federal agency roles and capabilities in incident response. The National Cyber ​​Directorate’s Office should develop a National Cyber ​​Workforce and Education Strategy by early next year.

That’s all for now. However, his Week in Review edition of the podcast will be released later today. Terry Cutler, guest commentator at the Cylogy Institute in Montreal, will also join us to discuss the latest news.

Follow Cyber ​​Security Today on Apple Podcasts, Google Podcasts, or add us to Flash Briefings on Smart Speakers.

