Attacks, Threats, and Vulnerabilities
Puerto Rico’s Power Distributor Suffered a Cyberattack Hours Before a Devastating Fire (Wall Street Journal) Luma Energy said a distributed denial-of-service attack targeted its customer portal, as well as its mobile app, shutting out customers trying to access their accounts or report outages.
No Data Breach Of Government’s Email System, Says Centre (NDTV) Media reports that data breaches in some companies have compromised email accounts of the government’s National Informatics Centre are wrong, the centre said today in a statement.
Govt rules out NIC data breach, says email system ‘totally safe & secure’ (The Economic Times) The email system is “totally safe and secure”, government says, dismissing a report claiming that data breaches in firms like Air India, BigBasket and Domino’s had exposed email accounts and passwords of NIC emails to hackers.
Radware Alert: Fancy Lazarus DDoS Extortion Group is Back with New Campaign Focused on Unprotected Assets Across All Industries (GlobeNewswire News Room) Radware Onboards Numerous Customers with Fancy Lazarus Ransom Letters in Recent Weeks…
This new hacking group has a nasty surprise for African, Middle East diplomats (ZDNet) The newly-discovered APT pulls no punches when it comes to cyberespionage.
China backed APT41 behind SITA and Air India cyber attacks (CNBC) The report states, though the Air India attack lasted for just 4 days short of 3 months, it took the threat actors only 24 hours and 5 minutes to spread Cobalt Strike beacons to the other devices in the airline’s network.
How Did the Feds Get the Pipeline Hackers’ Bitcoin? Here’s the Best Theory (Decrypt) A ransomware expert explains how the U.S. likely seized most of the Bitcoin from the Colonial Pipeline attack.
What We Owe To Ransomware Gangs (Forbes) The ransomware “epidemic” we’re experiencing is really just a slow moving, decentralized, cross-sector red teaming exercise that we have outsourced to the mob.
How Hackers Used Slack to Break into EA Games (Motherboard) A representative for the hackers explained to Motherboard how the group stole a wealth of data from the game publishing giant.
Hackers reportedly used EA Games’ Slack to breach network, access source code (CyberScoop) Hackers who reportedly stole valuable source code from games company Electronic Arts did so by first infiltrating the company’s Slack, a representative for a group claiming credit for the attack told Motherboard.
Fallout of EA source code breach could be severe, cybersecurity experts say (TechRepublic) Potential buyers could be interested in using the source code to game the game to make millions, perhaps sounding EA’s death knell in the process.
CD Projekt Red does an about-face, says ransomware crooks are leaking data (Ars Technica) Data taken in breach disclosed in February likely related to employees and contractors.
Avaddon ransomware shuts down and releases decryption keys (BleepingComputer) The Avaddon ransomware gang has shut down operation and released the decryption keys for their victims to BleepingComputer.com.
Avaddon ransomware operation shuts down and releases decryption keys (The Record by Recorded Future) The criminal group behind the Avaddon ransomware has shut down its operation today and released decryption keys for past victims.
Burgeoning ransomware gang Avaddon appears to shut down, mysteriously (CyberScoop) A ransomware gang has apparently disappeared just as its fortunes were rising. Ransomware experts said Avaddon shut down as of Friday.
Avaddon ransomware group closes shop, sends all 2,934 decryption keys to BleepingComputer (ZDNet) Bleeping Computer worked with Emsisoft to create a free decryptor that any Avaddon victim can use.
Volkswagen says a vendor’s security lapse exposed 3.3 million drivers’ details (TechCrunch) The vendor left the cache of data unsecured on the internet over a two-year window.
Volkswagen America Discloses Data Breach Impacting 3.3 Million (SecurityWeek) Volkswagen Group of America discloses a data breach that exposed customer names, email and mailing addresses, and phone numbers, as well as details about purchased vehicles.
Volkswagen hack: 3 million customers have had their information stolen (CNN) Volkswagen and Audi, VW’s luxury brand, have been hit by a data breach that exposed the contact information and, in some cases, personal details, like driver license numbers, of customers in the United States and Canada.
VW says data breach at vendor impacted 3.3 million people in North America (Reuters) Volkswagen AG’s (VOWG_p.DE) U.S. unit said a data breach at a vendor impacted more than 3.3 million customers and prospective buyers in North America.
Volkswagen discloses data breach impacting 3.3 million Audi drivers (The Record by Recorded Future) Volkswagen America said that a data breach at a third-party vendor it was using for sales and marketing purposes exposed the personal details of more than 3.3 million of its customers, most of whom were Audi car owners.
Foodservice supplier Edward Don hit by a ransomware attack (BleepingComputer) Foodservice supplier Edward Don has suffered a ransomware attack that has caused the company to shut down portions of the network to prevent the attack’s spread.
Insecure Services: Spoofing Secure Email Notifications (Avanan) Hackers are spoofing emails meant to notify people about secure files.
Ransomware Attacks and Unmanaged Medical Devices (Securolytics) Ransomware is one of the greatest threats to healthcare organizations everywhere. It’s clear that not having a comprehensive plan to protect against ransomware attacks is a significant risk. We covered IoT Ransomware earlier on the blog, including some of the most common causes.
Dealing with cyber criminals: Some NZ businesses ‘feel they have no choice but to pay’ (RNZ) In its first interview since being hit by a ransomware attack a year ago, Fisher and Paykel Appliances warns other businesses it’s a case of “when, not if” they will be targeted.
The hard truth about ransomware: we aren’t prepared, it’s a battle with new rules, and it hasn’t near reached peak impact. (Medium) I’ve talked about ransomware and extortion attacks on organizations for about a decade. I recently spent a year at Microsoft in Threat…
Unknown Attacker Chains Chrome and Windows Zero-Days (Infosecurity Magazine) Kaspersky has branded the threat actor “PuzzleMaker”
SIP protocol abused to trigger XSS attacks via VoIP call monitoring software (The Daily Swig) SIP devices could become unwitting access points for remote attacks on critical systems
Watch out – that Minecraft mod could be dangerous malware (TechRadar) More malware detected posing as Minecraft mods
Hackers can exploit bugs in Samsung pre-installed apps to spy on users (BleepingComputer) Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system.
The walls have ears (Grimm) Modern business often relies heavily on the Internet and software resources such as Zoom or Skype to support daily operat…
National Security Agency worries about how smart cars are getting (Federal News Network) Both the energy and food industries have been hit in recent weeks with ransomware. But what about cars and trucks?
Steamship Authority Website Running Again After Ransomware Attack Last Week (CBS Local Boston) The Steamship Authority website is back up and running more than a week after it was knocked offline by a ransomware attack.
Hanging up on scammers: how to protect yourself from phishing phone calls (the Guardian) Most Australians receive an alarming robocall at some point, but experts warn fraudsters are becoming far more sophisticated
Ransomware attack hit Teamsters in 2019 — but they refused to pay (NBC News) The FBI advised the union to “just pay” the ransom, according to sources. Union officials chose to rebuild their computer network instead.
Security experts discover a 1,500%+ increase in attacks against VPN due to remote work (Nuspire) COMMERCE, MI. (June 14, 2020) – Nuspire, a leading managed security services provider (MSSP), today announced the release of its 2021 Q1 Threat Landscape Report. Sourced from its 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future. “As…
2021 OpsCompass CSPM Report (OpsCompass) The 2021 OpsCompass State of Cloud Security Posture Management Report surveys what cloud professionals think about CSPM, cloud adoption, and security.
LP: 2021 ForgeRock Consumer Identity Breach Report (ForgeRock) The global pandemic spurred a digital revolution. From purchasing goods and services, to visiting their healthcare providers, to working and learning from home, people doubled the amount of time spent online.
Phishing sites reached all-time high in January 2021 (The Record by Recorded Future) The number of active phishing sites hit a record number earlier this year in January, according to an industry report published this week by the Anti-Phishing Working Group (APWG).
DDoS attacks increase 341% amid pandemic (Help Net Security) Cyber attackers targeted industries resulting in a 341% year-over-year increase in DDoS attacks, according to Nexusguard.
Why some cyber criminals are ditching bitcoin for a cryptocurrency called monero (CNBC) Monero is considered more of a privacy token and allows cyber criminals greater freedom from tracking.
As Ransomware Demands Boom, Insurance Companies Keep Paying Out (Wired) While major carriers like AXA have backed away from covering ransoms, don’t expect the industry at large to break the vicious cycle.
Cyber security training platform Immersive Labs closes $75M Series C led by Insight Partners (TechCrunch) Immersive Labs, a platform which teaches cyber security skills to corporate employees by using real,…