Aphinia - Your Weekly CISO Wire

Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:

These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:

• Mark Taghap was appointed as CISO at Aurora City Council.

• Kevin Charest was appointed as CISO at Accumulus Synergy.

• Matt Biber was appointed as CISO at Qantas.

• Sven Hahues was appointed as CISO at the University of Houston.

• Wayne Reynolds was appointed as CISO at Capital One.

• Sal Mannino was appointed as SVP - CISO at Amalgamated Bank.

• Matthew Cosgrove was appointed as CISO at GreenStone Farm Credit Services.

• Tim Schwab was appointed as CISO at University of Arizona.

• Jeff Jenkins was appointed as CISO at LexisNexis.

• Ben Kurian was appointed as CISO at DWS Group.

Appointed? Promoted? Let us know!

Aphinia is growing! Say hello, reach and connect with our new members:

• Rahul Kakani, Head of Identity and Access Management, Canadalife

• Andrew Aken, CIO & vCISO, DocDrew, LLC

• Asif Ahmad, IT Security Officer Americas, Credit Agricole CIB

• Kevin Beeman, Communications Chief, USMC

• Gernette Wright, IT Security Officer, Schneider Electric

• James Kim, Director Cyber Risk, Strategy, and Programs, City National Bank of Florida

• Matt Hyland, Deputy Chief Information (CIO) and Security Officer (CISO), NORAD & U.S. Northern Command

• Mike Crumpler, CISO, Kenco Group

• Muthukumar Devadoss, Director, Information Security, Tradeweb

• Rich Ingordo, VP - Information Security Engineer, iCapital

• Safi Raza, Head of Cybersecurity, Fusion Risk Management

• Uriel Alvarez, CISO, Allied World Assurance Company

Welcome on board!

Who in your network can benefit from Aphinia? Please send them here »

Not yet a member? Apply here »

Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min

Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:

• a new Advisory role

• a consulting gig

• a promotion or appointment

• a book deal

• a speaking engagement at industry conference

Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min

Meanwhile, check out our wide ranging conversation with our guest Michael Timineri (Head of Information Security, Checkr) about all things cybersecurity:

Several important events happened that merit your attention:

• I will see you soon: Google estimates that quantum computers will become a threat to cryptographic protocols within the next 10 to 15 years. Google urges the adoption of post-quantum cryptography (PQC) to safeguard against store-now-decrypt-later scenarios.

• If the service is free, you are the product: The Federal Trade Commission has launched an investigation into Reddit's plans to license user-generated content to AI companies. The company came under heavy criticism last year for selling its content without its users' approval.

• DOD VRP: The US Department of Defense says it processed more than 50,000 bug reports via its vulnerability reward programs (VRP).

• Mo’ money for cybersecurity: The Biden administration aims to bolster US cybersecurity with a $13 billion budget request for 2025. Central to this proposal is $3 billion designated for CISA, facilitating its Joint Collaborative Environment with $394 million. Additionally, $116 million will support new CISA staff and technology for the Cyber Incident Reporting Program.

• Cloudflare suffers 22% domain loss as Freenom shutdown hits hard: Cloudflare experiences a significant setback as Freenom's shutdown of 12.6 million domains, including .tk, .cf, and .gq, results in a 22% loss. Freenom's domains, intended for Tokelau, Central African Republic, and Equatorial Guinea, faced legal challenges from Meta.

• EU Parliament passes historic AI act: The European Parliament overwhelmingly passed the Artificial Intelligence Act, marking the world's first major regulation on AI use. It prohibits AI applications endangering citizens' rights, such as biometric categorization and predictive policing.

• FTC fines tech support firms for targeting elderly in a deceptive scam: Two tech support firms, Restoro and Reimage, face a $26 million fine from the FTC for deceiving consumers into purchasing computer repair services. Exploiting fake Microsoft pop-ups alleging malware infections, the companies sold removal software for fees ranging from $27 to $58. Predominantly targeting the elderly, the scheme amassed tens of millions.

• US authorities seize $1.4M crypto fraud funds: The U.S. Attorney’s Office in Chicago has recently made a significant move by seizing approximately $1.4 million worth of Tether (USDT) under a court-authorized seizure warrant. These funds are suspected to be proceeds from fraudulent activities.

• Dark Web admin extorts users after exit scam: Incognito Market's administrator, Pharoah, is now extorting past users, demanding payments ranging from $100 to $20,000 from vendors and buyers. Pharoah mocks users for their trust and threatens to expose chat logs and crypto transaction IDs, aiding law enforcement.

• US and Russia trade accusations over possible election cyberattacks: The US alleges that Russia, China, and Iran aim to disrupt the upcoming presidential election, while Russia anticipates a US cyberattack on its voting system soon.

These senior cybersecurity executive roles you may want to forward to your friends and colleagues:

• From Aphinia community (Aaron Katz, TCW Group): I recently posted a job on LinkedIn for a Deputy CISO at TCW Group, ideally based in LA.

• Talener is looking for a Chief Information Security Officer in Naperville, IL.

• St. Luke's University Health Network is looking for an Associate Chief Information Security Officer in Allentown, PA.

• Advarra Inc  is looking for a VP Chief Information Security Officer in Wellesley, MA.

• Movement Mortgage is looking for an Deputy Chief Information Security Officer in the United States.

• CDW is looking for a Chief Information Security Officer in REMOTE, USA.

• Burlington Stores is looking for a VP Chief Information Security Officer in Edgewater Park, NJ.

Looking for a job? Hiring? Let us know.

These are virtual and live events for the cyber community you may find interesting:

=> SAVE THE DATE! Aug 5, 2024 - 6:30-9:00pm

Aphinia is hosting a members-only CISO Dinner in Las Vegas, NV before Black Hat. Apply here and we will send further details.

Industry Events:

• RSA 2024 is taking place on May 6-9, 2024 in San Francisco, CA. We have a special discount code for Aphinia members. DM me if interested.

• Re:Inforce is taking place on June 10-12, 2024 in Philadelphia, PA.

• BlackHat is taking place on August 6-11, 2024 in Las Vegas, NV.

• Evanta Global CISO Executive Summit is taking place on September 16-18, 2024 in San Diego, CA.

• Fal.Con 24 is taking place on September 16-19, 2024 in Las Vegas, NV.

Attending or hosting an event? Let us know!

Two Aphinia members are looking for vendor feedback:

Hi everyone! I’m considering how we build out an “insider risk” style program. Several folks i have spoken to have recomended a tool; Code42. I was wondering if any of you had any experiences of Code42 to share?

***

We are looking to purchase a password manager and give it away to our employees as a perk.  Are any of your companies doing something similar and if so, what vendor are you using?

The conversation is on Slack in the #general channel, so if you can share your experience and help them out, a) comment on Slack or b) if you are not on Slack, ping me and I will send you a link or c) if you don’t like Slack, send me an email and I will connect you directly.

Separately, if you looking for similar type of advice, post your question in the #general channel.

Hackers have been busy recently 📈 :

• France Travail, formerly known as Pôle Emploi, faces cyberattack endangering personal data of 43 Million.

• Fujitsu has disclosed a security breach after discovering malware on its internal network. The company says the breached systems contained customer personal information.

• A threat actor has stolen and is now selling the personal data of 2.5 million New Zealanders from local media company MediaWorks. The company  believes hackers gained access to a database that collected entries from website competitions.

• IMF discloses security breach impacting email accounts, investigation ongoing.

• Security incident hits Mozaic platform as former developer steals $2 Million in crypto assets.

• Denial-of-Service attack targets several Alabama state government websites, disrupting access for legitimate users.

• Roku discloses breach after over 15,000 users account was compromised due to password reuse, with unauthorized purchases attempted.

• Nissan Oceania alerts 100,000 individuals of data breach stemming from ransomware attack by recognized cybercrime group.

• Meduza faces intense DDoS attacks allegedly orchestrated by Russian authorities.

But a handful of them were nabbed 👮‍♀️:

• Cybercrime compound raided: The Philippines National Police freed hundreds of people who were forced to work against their will in a cybercrime compound. Officials say they freed 875 and detained eight individuals suspected of running the operation. Victims had their passports taken away and forced to carry out romance and cryptocurrency scams.

• Telco manager SIM swapper: A former manager of a New Jersey telco pleaded guilty to participating in SIM swapping attacks. Jonathan Katz admitted to using his manager credentials to change SIM details for customers. Katz was allegedly paid in Bitcoin for each SIM swap.

• Lifelock pleads guilty: An Idaho hacker known as Lifelock has pleaded guilty to hacking the city of Newnan, Georgia, and a medical clinic in Griffin, Georgia.

• Omnipotent extradition: The former administrator of a major hacking forum has asked UK authorities to deny his extradition to the US. Portuguese national Diogo Santos Coelho was arrested in the UK in early 2022 for allegedly running RaidForum, an infamous cybercrime marketplace where hackers leaked and traded hacked data.

• Bitcoin Fog operator convicted of cybercrime: Russian-Swedish national Roman Sterlingov was found guilty by a federal jury in Washington, D.C., for running Bitcoin Fog from 2011 to 2021. Bitcoin Fog, a prominent cryptocurrency mixer on the dark web, laundered cybercriminal proceeds, obscuring their origins to evade law enforcement detection. 

• LockBit cybercriminal sentenced to 4 Years: Russian-Canadian cybercriminal Mikhail Vasiliev receives a four-year sentence in Ontario for his role in the LockBit ransomware scheme. Vasiliev, a key member, pleaded guilty to cyber extortion and other charges.

• Russian authorities detain South Korean on cyber espionage charges: A South Korean national, Baek Won-soon, has been detained by Russia on cyber espionage charges, transferred from Vladivostok to Moscow for investigation. Won-soon is accused of sharing classified information with foreign intelligence agencies.

• E-Root marketplace architect sentenced for cyber fraud scheme: In Tampa, Florida, Sandu Boris Diaconu, 31, from Moldova was sentenced to 42 months in federal prison for computer fraud for his role in managing the E-Root Marketplace, a network of websites facilitating the sale of compromised computer access worldwide. 

• Russian Hacker Gets 3-Year Sentence for Cryptomining Scheme: Russian hacker Alexey Murzin sentenced to three years of restricted freedom for infecting computer clubs with a cryptominer. He bypassed security, deploying T-Rex mining program, allegedly earning $220,000.

Stay safe.

Misha Sobolev

Aphinia

***

P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 1,000s of cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.