Wednesday, January 8, 2025

Short Takes – 1-8-25

A Day in the Life of a Prolific Voice Phishing Crew. KrebsOnSecurity.com article. Pull quote: ““The biggest structural threat to the online criminal ecosystem is not the police or researchers, it is fellow criminals,” Nixon said. “To protect them from themselves, every criminal forum and marketplace has a reputation system, even though they know it’s a major liability when the police come. That is why I am not worried as we see criminals migrate to various ‘encrypted’ platforms that promise to ignore the police. To protect themselves better against the law, they have to ditch their protections against fellow criminals and that’s not going to happen.””

Left of Boom: Staying One Step Ahead of the Next Attack. News.ClearanceJobs.com commentary. Pull quote: “No manifesto. No threats. No known links to terrorist or extremist organizations. Just a huge cache of homemade bombs – some of which had been hand-labeled as “lethal” and more already loaded into a wearable vest. And many of them deemed unstable enough that technicians detonated the devices on site rather than attempt to transport them. Together, all of that signals intent.”

Spectrum Rules and Policies for the Operation of Unmanned Aircraft Systems. Federal Register FCC final rule. Summary: “In this document, the Federal Communications Commission (FCC or Commission) enables Uncrewed Aircraft System (UAS) operators to access dedicated spectrum for control-related communications. Specifically, this document adopts service rules under new rule part 88 that provide operators the ability to obtain direct frequency assignments in a portion of the 5030-5091 MHz band for non-networked operation. Under these rules, one or more dynamic frequency management systems (DFMSs) will manage and coordinate access to the spectrum and enable its safe and efficient use, by providing requesting operators with temporary frequency assignments to support UAS control link communications with a level of reliability suitable for operations in controlled airspace and other safety-critical circumstances. To address concerns regarding the impact of these aeronautical operations on adjacent services, this document locates these operations, for now, in the central part of the band, with substantial separation from the bands adjacent to the 5030-5091 MHz band.” Effective date: February 7th, 2025 (with exceptions).

Notice of Availability of Security Requirements for Restricted Transactions Under Executive Order 14117. Federal Register CISA notice of availability. Summary: “CISA is announcing publication of finalized security requirements for restricted transactions pursuant to Executive Order (E.O.) 14117, “Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” In October 2024, CISA published proposed security requirements for restricted transactions which would apply to classes of restricted transactions identified in regulations issued by the Department of Justice (DOJ). CISA solicited comment on those proposed security requirements and considered that public feedback when developing the final security requirements. This notice also provides CISA's responses to the public comments received.”

Hazardous Materials: Advancing Safety of Highway, Rail, and Vessel Transportation; Extension of Comment Period. Federal Register PHMSA extension of comment period. Summary: “On October 28, 2024, PHMSA published [link added, removed from paywall] a notice of proposed rulemaking (NPRM) titled “Hazardous Materials: Advancing Safety of Highway, Rail, and Vessel Transportation (HM-265),” proposing amendments to the Hazardous Materials Regulations (HMR) to adopt several modal-specific amendments that would enhance the safe transportation of hazardous materials in commerce by highway, rail, and vessel transportation. In response to a request for an extension of the comment period submitted by the Railway Supply Institute (RSI), PHMSA is extending the comment period for the HM-265 NPRM by an additional 90 days.” Comments now due April 28th, 2025.

Industrial Cybersecurity “Gatekeeping”. SCADAMag.Infracritical.com article. Pull quote: “Like many professions, there will be times when the money is easy and life is good. And then there will be other times when no amount of money seems worth the stress and potential danger. Infrastructure and industrial work is not for everyone. But it’s also meaningful work where you can be satisfied that you actually made a difference. If that sounds like something you’d like to try, we have a place for your talents to thrive.” A good read and great info for anyone going into a process industry job, even if it's not cybersecurity.
