10 January 2023
2022
Anonymous Hacking Group Declares “Cyber War” Against Russia
James Coker
https://www.infosecurity-magazine.com/news/anonymous-hacking-group-cyber-war/
Excerpt:
“Hacktivist group Anonymous has declared “cyber war” against Vladimir Putin’s government following the Russian invasion of Ukraine.”
Companies warned to boost cyber defence in wake of Ukraine crisis escalation
Chris Duckett
Excerpt:
“On Wednesday afternoon, the Australian government joined the governments of the United States and United Kingdom by placing sanctions on Russian banks and individuals, and at the same time issued a warning to organisations to boost their cyber defence.”
FBI warns of fake CEO attacks taking place via video conferencing systems
Graham Cluley
Excerpt:
“The FBI has issued a warning that organisations should be on their guard against BEC (Business Email Compromise) attacks involving virtual meeting platforms.”
Banking World Rocked After Leak Exposes 18,000 Credit Suisse Accounts
Phil Muncaster
https://www.infosecurity-magazine.com/news/leak-exposes-18000-credit-suisse/
Excerpt:
“Credit Suisse has hit back at allegations of severe due diligence failures exposed by a major new leak of customer account information.”
Healthcare Data Breaches Impact 147k Illinoisans
Sarah Coble
https://www.infosecurity-magazine.com/news/healthcare-data-breaches-impact/
Excerpt:
“The protected health information (PHI) of nearly 150,000 residents of Illinois may have been exposed in data breaches at two separate healthcare organizations.”
DDoS attacks knock Ukrainian government, bank websites offline
Zeljka Zorz
https://www.helpnetsecurity.com/2022/02/16/ddos-ukrainian-government/
Excerpt:
“Unknown attackers have mounted disruptive distributed denial-of-service (DDoS) attacks against several Ukrainian government organizations and state-owned banks on Tuesday.”
Ukraine Ministry of Defense confirms DDoS attack; state banks lose connectivity
Jonathan Greig
Excerpt:
“The Ukrainian Defense Ministry and several state-backed banks were hit with distributed denial-of-service (DDoS) incidents or disruptions on Tuesday. The Defense Ministry website is down, and it confirmed that it was attacked, telling the public that it will be communicating through Twitter and Facebook.”
Marketing Firm Exposes Lead Data
Sarah Coble
https://www.infosecurity-magazine.com/news/marketing-firm-exposes-lead-data/
Excerpt:
“Security researchers at Website Planet have discovered an unsecured Amazon S3 bucket containing the Personal Identifiable Information (PII) of millions of people.”
Croatian phone carrier data breach impacts 200,000 clients
Bill Toulas
Excerpt:
“Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people.”
Ransomware gang says it has hacked 49ers football team
Alan Suderman
https://techxplore.com/news/2022-02-ransomware-gang-hacked-49ers-football.html
Excerpt:
“The San Francisco 49ers have been hit by a ransomware attack, with cyber criminals claiming they stole some of the football team's financial data.”
Cyberattack hits Ukrainian banks and government websites
Lauren Feiner
https://www.cnbc.com/2022/02/23/cyberattack-hits-ukrainian-banks-and-government-websites.html
Excerpt:
“Several Ukrainian government websites were offline Wednesday as a result of a mass distributed denial of service attack, Mykhailo Fedorov, head of Ukraine’s Ministry of Digital Transformation, said in his Telegram channel.”
The Deep Learning Toolbox Now Apparently Includes Ground-Up Glass
Charles Q. Choi
https://spectrum.ieee.org/deep-learning-facial-recognition-technology
Excerpt:
“Ground-up pieces of glass could help enable a simple yet incredibly secure way to encrypt facial images, a new study finds.”
Spain dismantles SIM swapping group who emptied bank accounts
Bill Toulas
Excerpt:
“Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks.”
New Ransomware Warning for Critical Infrastructure Providers
Phil Muncaster
https://www.infosecurity-magazine.com/news/new-ransomware-warning-critical/
Excerpt:
“The UK, US and Australian authorities have issued a new warning for critical infrastructure (CNI) providers after a surge in ransomware attacks over the past year.”
Ransomware attacks, and ransom payments, are rampant among critical infrastructure organizations
https://www.helpnetsecurity.com/2022/02/10/critical-infrastructure-ransomware/
Excerpt:
“80% of critical infrastructure organizations experienced a ransomware attack in the last year, with an equal number reporting that their security budgets have risen since 2020, a Claroty report reveals.”
Vodafone Portugal hit with cyberattack affecting 4G/5G network, TV, SMS services
Jonathan Greig
Excerpt:
“Vodafone Portugal announced on Tuesday that it was hit with a cyberattack that caused network disruptions across the country.”
Medusa Android Banking Trojan Spreading Through Flubot's Attacks Network
Ravie Lakshmanan
https://thehackernews.com/2022/02/medusa-android-banking-trojan-spreading.html
Excerpt:
“Two different Android banking Trojans, FluBot and Medusa, are relying on the same delivery vehicle as part of a simultaneous attack campaign, according to new research published by ThreatFabric.”
Highly Evasive Adaptive Threats (HEAT) bypassing traditional security defenses
https://www.helpnetsecurity.com/2022/02/08/cyberthreats-bypass-security-defenses/
Excerpt:
“Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats (HEAT), that bypass traditional security defenses.”
Disaster recovery is critical for business continuity
Zeljka Zorz
https://www.helpnetsecurity.com/2022/02/08/business-continuity-disaster-recovery/
Excerpt:
“Business continuity (BC) and disaster recovery (DR) efforts go hand in hand in this digitized world of ours. The former is focused on maintaining business operations rolling despite various problems, the latter is focused keeping the IT side of things running: the network, the servers, the data.”
Securitas breached, 3TB of airport employee records exposed
Jovi Umawing
Excerpt:
“An unsecured AWS server, found open to the public Internet, is the root cause of a huge compromise of data of airport employees in Colombia and Peru. This server, according to a report, belongs to Securitas, a Stockholm-based multinational company that provides security services like security guarding, fire and safety, and supply-chain risk management among others.”
Swissport Ransomware Attack Delayed Flights
Phil Muncaster
https://www.infosecurity-magazine.com/news/swissport-ransomware-attack/
Excerpt:
“Airport services giant Swissport is restoring its IT systems after a ransomware attack struck late last week, delaying flights.”
Analysis of Attack Against National Games of China Systems
David Álvarez Pérez and Jan Neduchal
https://decoded.avast.io/janneduchal/analysis-of-attack-against-national-games-of-china-systems/
Excerpt:
“On September 15, 2021 the National Games of China began in the Chinese city of Shaanxi. It is an event similar if not identical to the Olympics, but only hosts athletes from China. Earlier in September, our colleague David Álvarez found a malware sample with a suspicious file extension of a picture and decided to investigate where it came from.”
A sign of ransomware growth: Gangs now arbitrate disputes
Alan Suderman
Excerpt:
“RICHMOND, Virginia: Cyber criminal gangs are getting increasingly adept at hacking and becoming more professional, even setting up an arbitration system to resolve payment disputes among themselves, according to a new report by the United States, Australia and the United Kingdom that paints a bleak picture of ransomware trends.”
How organizations are arming themselves to combat threats
https://www.helpnetsecurity.com/2022/02/03/greatest-threats-2021/
Excerpt:
“Reblaze announced the results of a Global Surveyz survey of 300 security professionals, to better understand how organizations are approaching web security as we enter a new year. The research focused on the greatest threats organizations faced in 2021, and their strategies for 2022.”