Transcript
Jim Love (0:01)
Over 300 million in cybercrime crypto is frozen in a coordinated crackdown. Criminals sell live FBI and law enforcement email accounts for just $40. Microsoft's Patch Tuesday fixes over 100 vulnerabilities. And Nova Scotia Power is rebuked for seeking secrecy amid a cyber breach. This is Cybersecurity Today. I'm your host, Jim Love.

More than 300 million in cryptocurrency tied to cybercrime has been frozen in two sweeping anti-fraud operations, one led by a private sector coalition, the other by Canadian and U.S. law enforcement. Since September 2024, the T3FCU Global Collaborator Program involving TRM Labs, Tron, Tether and Binance has frozen over $250 million by analyzing millions of transactions across five continents. Working closely with police, they've disrupted criminal networks running scams from romance baiting to investment fraud. The second effort is a joint U.S.-Canada campaign spearheaded by Ontario's OPP and their Project Atlas and British Columbia's Operation Avalanche. With blockchain analytics from Chainalysis, it seized $74.3 million and flagged over 2,000 crypto wallet addresses linked to fraud victims. In 14, Project Atlas alone has prevented more than $70 million in crypto fraud losses.

Now, here's what that looks like on the ground. Police recently dismantled a romance baiting ring operating across multiple Canadian provinces. Victims were lured into sending cryptocurrency through fake investment platforms. Investigators traced the funds on the blockchain, froze them before they could be cashed out, and in doing so, cut off payments to the group's recruiters and launderers, collapsing the network. These actions show how freezing stolen crypto doesn't just recover funds. It stops active scams, shields future victims, and makes cybercrime far less profitable. I've said it once and I've said it a million times. It's easy for us to talk with our politicians about feet on the street.
But in a world where cybercrime is devastating people's lives, we need feet on the street, yes, but fingers on the keyboard sometimes more.

Cybercriminals are selling live FBI and other law enforcement email accounts for as little as $40 each, giving buyers the ability to impersonate trusted government officials. According to a report from Abnormal AI and published in The Register, active .gov and .police email accounts from the U.S., UK, Brazil, Germany and India are being traded on dark web marketplaces. These accounts aren't spoofed. They've been confirmed active through access to systems like license plate lookups, Carfax law enforcement portals and official data request tools. With these credentials, criminals could send fraudulent subpoenas or emergency data requests that companies often treat as legitimate, even without a warrant. In one past example, attackers used this type of access to get into Twitter's legal request system, giving them the power to extract private data, suspend accounts, or remove content under the guise of official authority. The risk is clear. At a bargain price, threat actors can gain the digital equivalent of a badge and use it to steal data, commit fraud, or manipulate online content. So if you get an official-looking inquiry from law enforcement that comes by electronic means, you need to question it. And trust me, real law enforcement is never offended if you take the step to validate.

Microsoft's August Patch Tuesday delivered fixes for more than 100 vulnerabilities, including 13 rated critical and several with maximum severity scores. The most serious was CVE-2025-50165, a memory corruption flaw in the Microsoft graphics component with a CVSS score of 9.8. The bug stems from an untrusted pointer dereference in the operating system's image processing pipeline and could let an attacker execute code over the network with low complexity, no privileges, and even no user interaction.
While Microsoft rates exploitation as less likely, security experts warn its broad attack surface, from email clients rendering previews to Office apps opening JPEG images, makes it a high-priority risk. Also patched: CVE-2025-53767, an elevation of privilege vulnerability in Azure's OpenAI service with a CVSS score of 10. This flaw was addressed directly on Microsoft's platform, requiring no customer action, but it underscores the need for AI services to receive the same rigorous patching as other enterprise technologies. Other notable fixes include a heap-based buffer overflow in Windows GDI. That's a CVSS score of 9.8. No user interaction required on that one either. Two use-after-free flaws in Microsoft Office, a use-after-free bug in Microsoft Word allowing code execution as the current user, a critical Word flaw enabling arbitrary code execution, an Exchange Server vulnerability requiring a manual hotfix, and an elevation of privilege bug in Windows NTLM. Security researchers note that the elevation of privilege bugs made up 39.3% of the CVEs patched this month, continuing a trend where post-compromise vulnerabilities outnumber initial code execution flaws.

And finally, the Nova Scotia Utility and Review Board has rebuked Nova Scotia Power for attempting to impose blanket secrecy on its response to a major cybersecurity breach. Earlier this year, the utility had asked to classify all filings and evidence in the regulatory review as confidential, which would have kept most details from the public. The board rejected that request, stating transparency is essential, though some sensitive information could still be protected. The breach, disclosed in March, affected about 280,000 customers, more than half of the province's customer base, and exposed personal and financial data, including social insurance numbers. Little-known fact: in Canada, you are not required to give your social insurance number to a company.
You are required to give it to the government for taxation purposes and with our pension systems, but not corporations, so they have a special responsibility, if they ask for this information or insist on having it, to protect it even more. The regulator has now ordered Nova Scotia Power to file a detailed public report by year end, with monthly progress updates starting August 1st. Critics say that the decision underscores the importance of public accountability when critical infrastructure and sensitive personal information are compromised.

And that's our show for today. You can reach me with tips, comments and even occasionally constructive criticism. If you like the show, tell a friend, turn them onto it, or give us a review on your favorite podcast platform or a comment on YouTube. You can go to technewsday.ca or .com and use the Contact Us form. If you want to support us, you can use the Donate tab on that same site and contribute even the cost of a cup of coffee a month to help with the show. Some of you will notice that we're back on Alexa and on Google speakers. Stuff like that costs a small fortune using technical staff that we contract. Love to have your support, but we'd love to have your attention as well. I'm your host, Jim Love. Thanks for listening.
