May 2021

'World's leading bank robbers': North Korea's hacker army

AFP

https://www.nst.com.my/world/world/2021/05/693208/worlds-leading-bank-robbers-north-koreas-hacker-army

Excerpt:

“SEOUL: Nuclear-armed North Korea is advancing on the front lines of cyberwarfare, analysts say, stealing billions of dollars and presenting a clearer and more present danger than its banned weapons programmes.”


Ireland shuts down health IT system after ransomware attack

AFP

https://www.nst.com.my/world/world/2021/05/690234/ireland-shuts-down-health-it-system-after-ransomware-attack

Excerpt:

“DUBLIN: Ireland's health authority said Friday it had shut down its computer systems after experiencing a "significant ransomware attack", a week after the largest US fuel pipeline network was also targeted.”


UK Cyber Security Association aims to enhance collaboration, training, and best practices

Michael Hill

https://www.csoonline.com/article/3618176/uk-cyber-security-association-aims-to-enhance-collaboration-training-and-best-practices.html

Excerpt:

“The UK Cyber Security Association (UK CSA) officially launched on May 4 with membership now open for individuals and organisations actively working in the UK’s cybersecurity industry. It is the brainchild of award-winning cybersecurity professional Lisa Ventura and has the primary focus of building a strong and caring cybersecurity community in the UK and internationally.”


The 10 most dangerous cyber threat actors

Andrada Fiscutean

https://www.csoonline.com/article/3619011/the-10-most-dangerous-cyber-threat-actors.html

Excerpt:

“When hacking began many decades ago, it was mostly the work of enthusiasts fueled by their passion for learning everything they could about computers and networks. Today, nation-state actors are developing increasingly sophisticated cyberespionage tools, while cybercriminals are cashing in millions of dollars targeting everything from Fortune 500 companies to hospitals.”


Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Cynthia Brumfield

https://www.csoonline.com/article/3618016/colonial-pipeline-shutdown-highlights-need-for-better-ot-cybersecurity-practices.html

Excerpt:

“In one of the most disruptive cybersecurity incidents to take place in the United States, Georgia-based Colonial Pipeline announced late Friday that it was the victim of a cyberattack, later confirmed to be a ransomware attack. The company said it proactively took specific systems offline and halted all pipeline operations.”


DarkSide ransomware explained: How it works and who is behind it

Lucian Constantin

https://www.csoonline.com/article/3618688/darkside-ransomware-explained-how-it-works-and-who-is-behind-it.html

Excerpt:

“DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline, leading to a major fuel supply disruption along the East Coast of the US. The malware is offered as a service to different cybercriminals through an affiliate program and, like other prolific ransomware threats, employs double extortion that combines file encryption with data theft and is deployed on compromised networks using manual hacking techniques.”


How API attacks work, and how to identify and prevent them

Maria Korolov

https://www.csoonline.com/article/3618569/how-api-attacks-work-and-how-to-identify-and-prevent-them.html

Excerpt:

“In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s servers, even if the users set their account profiles as private. The cause: a faulty API that permitted unauthenticated requests.”


8 things CISOs should be thinking about, but probably aren't

John Edwards

https://www.csoonline.com/article/3618843/8-things-cisos-should-be-thinking-about-but-probably-arent.html

Excerpt:

“CISOs have plenty of issues on their minds, everything from building a secure infrastructure to blocking ransomware attacks to ensuring that internal staff doesn't misuse or steal data. With so many responsibilities and so little time, it shouldn't be surprising that even the most conscientious CISO is likely to miss at least a few critical issues.”


Must-Know Phishing Statistics: Updated 2021

Maddie Rosenthal

https://www.tessian.com/blog/phishing-statistics-2020/

Excerpt:

“According to the FBI, phishing was the most common type of cybercrime in 2020—and phishing incidents nearly doubled in frequency, from 114,702 incidents in 2019, to 241,324 incidents in 2020.”


The state of enterprise preparedness for ransomware attacks

https://www.helpnetsecurity.com/2021/05/27/enterprise-preparedness-ransomware-attacks/

Excerpt:

“In the aftermath of the Colonial Pipeline attack, ISACA polled more than 1,200 members in the United States and found that 84 percent of respondents believe ransomware attacks will become more prevalent in the second half of 2021.”


Japanese government agencies suffer data breaches after Fujitsu hack

Ax Sharma

https://www.bleepingcomputer.com/news/security/japanese-government-agencies-suffer-data-breaches-after-fujitsu-hack/

Excerpt:

“Offices of multiple Japanese agencies were breached via Fujitsu's "ProjectWEB" information sharing tool.”


Belgium’s Interior Ministry uncovers 2-year-long compromise of its network

Zeljka Zorz

https://www.helpnetsecurity.com/2021/05/26/belgium-interior-ministry-cyberattack/

Excerpt:

“Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.””


Cyberattacks: Bigger, Smarter, Faster

AFP

https://www.securityweek.com/cyberattacks-bigger-smarter-faster

Excerpt:

“From paralysing the internet in Estonia to a $4.4-million ransom being paid last week after the shutdown of a major US pipeline, we take a look back at 15 years of cyberattacks.”


FBI says Conti ransomware gang has hit 16 US health and emergency networks

Raphael Satter

https://www.itnews.com.au/news/fbi-says-conti-ransomware-gang-has-hit-16-us-health-and-emergency-networks-564929

Excerpt:

“The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 US medical and first response networks in the past year. In an alert made public by the American Hospital Association, the FBI ...”


Bizarro banking malware targets 70 banks in Europe and South America

Ionut Ilascu

https://www.bleepingcomputer.com/news/security/bizarro-banking-malware-targets-70-banks-in-europe-and-south-america/

Excerpt:

“A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America.”


85% of breaches involve the human element

https://www.helpnetsecurity.com/2021/05/17/breaches-high-human-element/

Excerpt:

“The Verizon report examines more breaches than ever before, and sheds light on how the most common forms of cyber attacks affected the international security landscape during the global pandemic. This year’s report saw 5,258 breaches from 83 contributors across the globe, a third more breaches analyzed than last year.”


'Significant' ransomware attack forces Ireland's health service to shut down IT systems

Danny Palmer

https://www.zdnet.com/article/significant-ransomware-attack-forces-irelands-health-service-to-shuts-down-it-systems/

Excerpt:

“Ireland's health service has taken all of its IT systems offline as a precaution after what the organisation describes as a "significant" ransomware attack.”


What the pipeline attack means for critical infrastructures

https://www.helpnetsecurity.com/2021/05/12/pipeline-attack-critical-infrastructures/

Excerpt:

“The big news in critical infrastructure security is the ransomware-triggered shutdown of the Colonial gasoline pipeline – the largest such pipeline in the USA. The attack has been attributed to the DarkSide ransomware group. The group subsequently posted an apology on their website saying “they didn’t mean” to impact critical infrastructure.”


Kansas Identity Theft Spike Could Be Linked to Data Breach

Sarah Coble

https://www.infosecurity-magazine.com/news/kansas-identity-theft-spike/

Excerpt:

“The state with the highest identity theft rate in the country may have been impacted by a Department of Labor data breach.”


Facebook banned from processing WhatsApp user data in Germany

Thomas Macaulay

https://thenextweb.com/news/german-regulator-bans-facebook-from-processing-whatsapp-user-data

Excerpt:

“A German data regulator has banned Facebook from processing personal data from WhatsApp users in the country, saying that the app’s controversial new privacy policy update is illegal.”


Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware

Phil Muncaster

https://www.infosecurity-magazine.com/news/japanese-manufacturer-yamabiko/

Excerpt:

“A ransomware group that claimed to be retiring after an audacious attack on Washington DC’s police department appears to be back in action after reportedly targeting a Japanese firm.”


Ransomware attack on healthcare admin company CaptureRx exposes multiple providers across United States

Jonathan Greig

https://www.zdnet.com/article/ransomware-attack-on-healthcare-admin-company-capturerx-exposes-multiple-providers-across-united-states/

Excerpt:

“Multiple healthcare providers across the United States are reporting being impacted by a ransomware attack on CaptureRx, a San Antonio-based company providing drug-related administrative services.”


Experts warn of a new Android banking trojan stealing users' credentials

Ravie Lakshmanan

https://thehackernews.com/2021/05/experts-warn-of-new-android-banking.html

Excerpt:

“Cybersecurity researchers on Monday disclosed a new Android trojan that hijacks users' credentials and SMS messages to facilitate fraudulent activities against banks in Spain, Germany, Italy, Belgium, and the Netherlands.”


Tesla Car Hacked Remotely From Drone via Zero-Click Exploit

Eduard Kovacs

https://www.securityweek.com/tesla-car-hacked-remotely-drone-zero-click-exploit

Excerpt:

“Two researchers have shown how a Tesla — and possibly other cars — can be hacked remotely without any user interaction. They carried out the attack from a drone.”


Health care giant Scripps Health hit by ransomware attack

Ionut Ilascu

https://www.bleepingcomputer.com/news/security/health-care-giant-scripps-health-hit-by-ransomware-attack/

Excerpt:

“Nonprofit health care provider Scripps Health in San Diego is currently dealing with a ransomware attack that forced the organization to suspend user access to its online portal and switch to alternative methods for patient care operations.”


Malware Attacks Alaska Court System

https://www.msspalert.com/cybersecurity-breaches-and-attacks/malware/alaska-court-system/

Excerpt:

“The Alaska Court System (ACS) has suffered a malware attack, which has forced the ACS to take some systems offline amid the malware cleanup efforts, according to a note on the court system’s website.”


eCommerce fraud losses to surpass $20 billion this year

https://www.helpnetsecurity.com/2021/05/03/ecommerce-fraud-losses/

Excerpt:

“The value of losses due to eCommerce fraud will rise this year, from $17.5 billion in 2020 to over $20 billion by 2021; a growth of 18% over a single year, according to a study from Juniper Research.”


DDoS attackers stick to their target even if they are unsuccessful

https://www.helpnetsecurity.com/2021/05/03/ddos-attackers-stick-to-their-target/

Excerpt:

“Link11 has released its DDoS report for Q1 2021 which revealed the number of DDoS attacks continued to grow.”