CVE Programs and Cash Scams
"Chaos, when left alone, tends to multiply." - Stephen Hawking
Welcome to the SecFraudOps Newsletter. Enjoy some links that Matt thought were interesting this week. If this is your first time reading, take a moment to subscribe as well!
Security and Fraud
Huge, Scary Physical Cash Scam Sweeping Across the U.S. Warn Your Family, Friends, and Parents Now!
Right now, today, thousands of people are being tricked into going to their banks or credit unions to withdraw large sums of cash and will give or send it to a complete stranger, never to see it again. Many of the victims are in the prime of their lives, intelligent, and consider themselves to be of above-average ability in spotting scams and scammers.
This is happening everywhere. Locally at credit unions and banks, and all around the world. If a situation displays MUST (see below) then its likely a scam. No reputable business or individual will tell you not to talk to anyone else, or not to trust your bank.
M - Money: Scams involve money, and as much as you can get.
U - Urgency: Time sensitivity of a request is a big red flag.
S - Scare: Feelings are used to get you away from thinking logically.
T - Trust: Scammers abuse trust in known systems.
11th-Hour Funding Saves Program That Tracks Software Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) extends the nonprofit MITRE Corporation's contract to administer the CVE Program. But it only lasts 11 months.
Last week MITRE announced it was no longer going to be able to fund the CVE program that has been in place by the US government for years. CISA picked up the torch and now many are trying to make sure this program is never dropped. Why is it important? CVE tracking allows ALL security professionals to stay up to date on new vulnerabilities so they can patch their systems and ensure they have less weak points for attackers to exploit. Without this program security around the world, especially the US, would be many times worse or almost impossible in some cases.
Fun Dead Zone
New SSN Changes Will Complicate Fraud Department Identity Checks
Greg Pearre never expected to be escorted out of his office by security guards. But that’s exactly what happened after the senior Social Security Administration exec objected to the plan to place thousands of living immigrants social security numbers on the Death Master File (DMF). The Death Master File now contains social security numbers of the living.
Financial institutions rely on the the government to provide services, such as who is dead or alive. It’s crucial to how they do business. Most financial institutions work to bank everyone, US citizen or not. This will force banks to rely on other sources to verify identity.
Resources
Information Security is a fast changing field. Techniques of attackers are constantly changing, it is necessary to study attack methods and adapt when necessary.
Ever Dreamed of Working at a Startup? | YC Jobs
Early stage to later stage, these startups are hiring now.
Career Links
Is That Job Promotion Right For You? Do These Five Things To Help Make The Best Decision
While it may seem intuitive to accept a job promotion immediately to better your situation, it would be wise to weigh the pros and cons before diving headfirst into a new role.
How to Let Go at the End of the Workday
…finish one small task before you leave the office, write a to-do list for the next day, tidy your desk, create a ritual to mark the end of professional time…
Bonus Links
Nate said its app’s users could buy from any e-commerce site with a single click, thanks to AI. In reality, however, Nate relied heavily on hundreds of human contractors in a call center in the Philippines to manually complete those purchases, the DOJ’s Southern District of New York alleges.
Discord Begins Testing Facial Scans for Age Verification
Some countries have passed strict new laws dictating youth access to digital platforms.