January 2022

COVID test related scam emails still highly popular among cybercriminals

https://www.helpnetsecurity.com/2022/01/24/covid-test-scam-emails/

Excerpt:

“The Omicron variant has contributed to a 521 per cent rise in COVID test related scam emails between October 2021 and January 2022, according to Barracuda Networks.”


FBI warning: This new ransomware makes demands of up to $500,000

Liam Tung

https://www.zdnet.com/article/fbi-warning-this-new-ransomware-makes-demands-of-up-to-500000/

Excerpt:

“The Federal Bureau of Investigations (FBI) has detailed evidence connecting the new Diavol ransomware to TrickBot Group, the prolific gang behind the eponymous banking trojan.”


Singapore police warns of ad scams targeting Google search users

Eileen Yu

https://www.zdnet.com/article/singapore-police-warns-of-ad-scams-targeting-google-search-users/

Excerpt:

“Singapore has warned of a new scam tactic targeting users of Google's search platform, some of whom have unwittingly assumed advertisements containing fake bank hotlines to be legitimate. Victims of these scams have already lost more than S$495,000 ($367,775) since December 2021.”


Interpol arrests 11 alleged members of Nigerian scam syndicate 'SilverTerrier'

AJ Vicens

https://www.cyberscoop.com/nigerian-bec-scam-silver-terrier-tmt/

Excerpt:

“International law enforcement authorities say they’ve arrested nearly a dozen members of a notorious Nigerian cybercrime gang potentially responsible for targeting as many as 50,000 victims in various scams in recent years.”


AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler

Pierluigi Paganini

https://securityaffairs.co/wordpress/126880/cyber-crime/alphv-blackcat-ransomware-hit-moncler.html

Excerpt:

“Moncler confirmed a data breach after an attack that took place in December. The luxury fashion giant was hit by AlphV/BlackCat ransomware that today published the stolen data on its leak site in the Tor network.”


QR codes can eat your lunch, FBI warns

Joe Warminsky

https://www.cyberscoop.com/mailicous-qr-codes-fbi-ic3-alert/

Excerpt:

“QR codes are among the few “winners” of the coronavirus pandemic, the joke goes, because restaurants and other businesses have deployed them in far greater numbers over the past few years, in an effort to make more interactions contactless.”


This VPN service used by cyber criminals to deliver ransomware has just been taken down by police

Danny Palmer

https://www.zdnet.com/article/this-vpn-service-used-by-cyber-criminals-to-deliver-ransomware-has-just-been-taken-down-by-police/

Excerpt:

“A VPN service used by criminals to distribute ransomware, malware and facilitate other forms of cybercrime has been taken offline following a coordinated international operation by police.”


Many users don’t know how to protect their broadband Wi-Fi routers

https://www.helpnetsecurity.com/2022/01/17/broadband-wi-fi-routers-risk/

Excerpt:

“Millions of home broadband Wi-Fi routers in the UK could be at risk because many internet users do not take basic security precautions that could protect them from online threats, research from Broadband Genie has found.”


Ukraine: Wiper malware masquerading as ransomware hits government organizations

Zeljka Zorz

https://www.helpnetsecurity.com/2022/01/17/ukraine-wiper-malware/

Excerpt:

“In the wake of last week’s attention-grabbing defacements of many Ukrainian government websites, Microsoft researchers have revealed evidence of a malware operation targeting multiple organizations in Ukraine, deploying what seems to be ransomware but is actually Master Boot Records (MBR) wiper malware.”


Experts warn of attacks using a new Linux variant of SFile ransomware

Pierluigi Paganini

https://securityaffairs.co/wordpress/126811/malware/sfile-ransomware-linux.html

Excerpt:

“SFile ransomware (aka Escal), has been active since 2020, it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files.”


Nordic Choice Hotels Turns Ransomware Attack into Success Story

Filip TRUȚĂ

https://www.bitdefender.com/blog/hotforsecurity/nordic-choice-hotels-turns-ransomware-attack-into-success-story/

Excerpt:

“Nordic Choice Hotels is turning a cyber-incident into a success story, announcing that a ransomware attack it suffered in December prompted the hotel chain to wipe its computers clean and switch from Windows to Chrome OS.”


Destructive malware targeting Ukrainian organizations

https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/

Excerpt:

“Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in this post to proactively protect from any malicious activity.”


Massive cyberattack hits Ukrainian government websites as West warns on Russia conflict

Pavel Polityuk

https://www.reuters.com/technology/massive-cyberattack-hits-ukrainian-government-websites-amid-russia-tensions-2022-01-14/

Excerpt:

“KYIV, Jan 14 (Reuters) - A massive cyberattack warning Ukrainians to "be afraid and expect the worst" hit government websites late on Thursday, leaving some websites inaccessible on Friday morning and prompting Kyiv to open an investigation.”


International credit card fraud gang busted in Hyderabad, Rs 1.11 crore seized

Roja Mayabrahma

https://www.thehansindia.com/telangana/international-credit-card-fraud-gang-busted-in-hyderabad-rs-111-crore-seized-724541

Excerpt:

“The Cyberabad police on Thursday busted a fake call centre racket and arrested a seven-member gang. A total of Rs 1.11 crore cash, four laptops, 23 mobile phones, debit cards, cheque books and other articles from them.”


The public sector is more concerned about external than internal threats

https://www.helpnetsecurity.com/2022/01/13/public-sector-cybersecurity/

Excerpt:

“SolarWinds announced the findings of its Public Sector Cybersecurity Survey Report. This survey includes responses from 400 IT operations and security decision makers, including 200 federal, 100 state and local, and 100 education respondents.”


The rising threat of cyber criminals targeting cloud infrastructure in 2022

Ryan Sheldrake

https://www.helpnetsecurity.com/2022/01/13/threats-2022/

Excerpt:

“In the world of cybersecurity, combating threats is like playing endless, hyper-advanced, multidimensional Whack-A-Mole: new threats are always emerging, often from unexpected sources, and trying to keep up can feel impossible.”


Ransomware attack locks down US prison

https://techxplore.com/news/2022-01-ransomware-prison.html

Excerpt:

“A ransomware attack locked down a US jail, knocking out security cameras and leaving inmates confined to their cells, court documents show.”


Major Indian fashion retailer hacked and data leaked

Dissent

https://www.databreaches.net/major-indian-fashion-retailer-hacked-and-data-leaked/

Excerpt:

“Another major Indian firm has fallen prey to a massive cyberattack. This time, the victim is a Fortune India 500 List company: Mumbai-headquartered Aditya Birla Group (ABG). The conglomerate includes Aditya Birla Fashion and Retail Ltd. (ABFRL) as well as businesses in other sectors. ABFRL, formed after the merger of Madura Fashion & Lifestyle and Pantaloons, describes itself as ‘India’s first billion-dollar pure-play fashion powerhouse with an elegant bouquet of leading fashion brands and retail formats.’”


Ransomware targets Edge users

Mark Stockley

https://blog.malwarebytes.com/threat-intelligence/2022/01/ransomware-targets-edge-users/

Excerpt:

“Unless you’ve been hiding under a rock for the last twenty years, you’ve probably heard the one about “keeping your software up to date”. Applying software updates promptly is arguably the single most useful thing you can do to keep yourself secure online, and vendors, experts, pundits, and blogs like ours, never let users forget it!”


FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

Ravie Lakshmanan

https://thehackernews.com/2022/01/fbi-nsa-and-cisa-warns-of-russian.html

Excerpt:

“Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors.”


Cyber-Attack on New Mexico County

Sarah Coble

https://www.infosecurity-magazine.com/news/cyberattack-on-new-mexico-county/

Excerpt:

“A cyber-attack has forced the government of New Mexico’s most populous county to close most of its county buildings to the public.”


Five tips on how to stay (cyber)secure in a hybrid work world

Larkin Ryder

https://www.helpnetsecurity.com/2022/01/06/hybrid-work-security/

Excerpt:

“From less time spent on the commute to a better work-life balance, maintaining the newly discovered possibilities of flexible working is a firm priority for workers today.”


Hospitality Chain McMenamins discloses data breach after ransomware attack

Pierluigi Paganini

https://securityaffairs.co/wordpress/126293/data-breach/hospitality-chain-mcmenamins-data-breach.html

Excerpt:

“Hospitality chain McMenamins discloses a data breach after a ransomware attack that took place on December 12.”


Cyberattack against UK Ministry of Defence training academy revealed

Charlie Osborne

https://www.zdnet.com/article/ex-officer-reveals-cyberattack-against-uk-ministry-of-defence-training-academy/

Excerpt:

“A retired military officer has disclosed a cyberattack that struck the UK Ministry of Defence (MoD) academy and had a "significant" impact on the organization.”


Ransomware attacks decrease, operators started rebranding

https://www.helpnetsecurity.com/2022/01/03/ransomware-attacks-decrease/

Excerpt:

“Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks.”


Why the UK’s energy sector is fragile and ripe to cyber attacks

Ian McShane

https://www.helpnetsecurity.com/2022/01/03/uks-energy-sector/

Excerpt:

“For the first time in a generation, the UK is in the middle of an unprecedented supply chain crisis, and in recent weeks, we have seen very clearly the immediate and far-reaching impacts of it.”


Hackers Hit Healthcare Data Management Company

Sarah Coble

https://www.infosecurity-magazine.com/news/hackers-hit-healthcare-data-co/

Excerpt:

“The protected health information (PHI) of thousands of individuals may have been exposed in a hacking incident at a healthcare information management company based in Georgia.”


Russia Fines Google $100m Over "Illegal" Content

Sarah Coble

https://www.infosecurity-magazine.com/news/russia-fines-google-100m-over/

Excerpt:

“Russia has slapped American tech company Google with a record-breaking fine for failing to remo