Attacks, Threats, and Vulnerabilities
Pegasus: A cyber security expert explains how the zero-click spyware can hack phones without user interaction (BBC Science Focus Magazine) Dr Tim Stevens explains how Pegasus software can infiltrate a device – and whether it can be stopped.
Here’s 30 servers Russian intelligence uses to fling malware at the West, beams RiskIQ (Register) Biden-Putin summit went well, then
Cyber-attack hangover for South African ports (Fruitnet) Disruptions from a recent cyber-attack on South African ports expected to last for some time
Transnet cyber-attack hits supplies of auto parts (Automotive Logistics) The automotive sector in South Africa has been affected by the recent cyber-attack that disabled container port operations at state-owned port and rail services provider Transnet
Kaseya ‘Likely’ Got Ransomware Decryptor From REvil: Huntress CEO Kyle Hanslovan (CRN) Huntress CEO Kyle Hanslovan believes the most likely scenario is that the REvil cybercriminals or an affiliate “leaked it” to Kaseya.
Hackers leak full EA data after failed extortion attempt (The Record by Recorded Future) The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer.
Hackers dump stolen Electronic Arts data after extortion failure (Computing) The thieves failed to find a buyer, then failed at extorting EA
BlackMatter ransomware gang rises from the ashes of DarkSide, REvil (BleepingComputer) A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations.
DoppelPaymer Continues to Cause Grief Through Rebranding (Zscaler) DoppelPaymer rebrands as Grief ransomware. Weaponizes GDPR and switches from Bitcoin to Monero cryptocurrency.
‘It’s feasible to start a war’: how dangerous are ransomware hackers? (the Guardian) Secretive gangs are hacking the computers of governments, firms, even hospitals, and demanding huge sums. But if we pay these ransoms, are we creating a ticking time bomb?
All Access Pass: Five Trends with Initial Access Brokers (Kela) Victoria Kivilevich, Threat Intelligence Analyst
Some ransomware gangs lose interest in extortion sites (The Record by Recorded Future) According to data collected from the sites these groups operate, the practice that’s sometimes referred to as “double extortion” appears to be declining
Is this the end of the road for ransomware? (IT PRO) Hackers seem to have developed a conscience, but it’s unlikely they are gone for good
Security Researchers Issue New Windows 11 Warning (Forbes) Microsoft has confirmed the availability of the first Windows 11 beta version, but security researchers issue a timely warning
Several Malicious Typosquatted Python Libraries Found On PyPI Repository (The Hacker News) Researchers discover malicious Python libraries in the PyPI Repository aimed at stealing credit cards and injecting code.
Hackers shut down system for booking COVID-19 shots in Italy’s Lazio region (Reuters) Hackers have attacked and shut down the IT systems of the company that manages COVID-19 vaccination appointments for the Lazio region surrounding Rome, the regional government said on Sunday.
Security team finds Crimea manifesto buried in VBA Rat using double attack vectors (ZDNet) The Malwarebytes
report said a new threat actor may be targeting Russian and pro-Russian individuals.
HTML smuggling is the latest cybercrime tactic you need to worry about (TechRepublic) It will be hard to catch these smugglers, as they’re abusing an essential element of web browsers that allow them to assemble code at endpoints, bypassing perimeter security.
Hospitals Still Use Pneumatic Tubes—and They Can Be Hacked (Wired) The tech may seem antiquated, but it poses very modern cybersecurity problems.
PwnedPiper vulnerabilities impact 80% of major hospitals in North America (The Record by Recorded Future) Details have been published today about a collection of nine vulnerabilities known as PwnedPiper that impact common a type of medical equipment that’s installed in roughly 80% of all major hospitals in North America.
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system (Help Net Security) Armis researchers have unearthed nine critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system.
PwnedPiper critical bug set impacts major hospitals in North America (BleepingComputer) Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper.
PwnedPiper (Armis) Nine vulnerabilities in critical infrastructure used by 80% of major hospitals in North America.
UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild (The Hacker News) An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021.
Women allege that NSO spyware was used to steal and leak their private photos (NBC News) Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them.
Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers (The Hacker News) A new fake call center campaign, BazaCall, tricks victims into installing BazaLoader malware, which is designed to steal data and deploy ransomware.
Google Play Protect detects only 31% of Android stalkerware (Atlas VPN) Data presented by the Atlas VPN research team reveals that Android’s internal Google Play Protect service detects only 31% of stalkerware threats.
Identity Breach Report Finds New COVID-19 Cyber Vulnerabilities, Increase in Exposures for Energy & Telecom Sectors/Executives, and COVID Items for Sale on Dark Market According to Constella Intelligence (PR Newswire) Today, Constella Intelligence (“Constella”), a leader in Digital Risk Protection and Identity Threat Intelligence, released their 2021 Identity…
Chipotle’s marketing account hacked to send phishing emails (BleepingComputer) Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails luring recipients to malicious links.
NHS Highland Covid data breach was ‘human error’ (Strathspey Herald) Patients received information for other patients on the backs of their vaccination letters
Wealden council continues to face cyber-attack (Sussex Express) Wealden District Council continues to face a ‘sustained’ cyber-attack, councillors have heard.
An app to track home health care aides has unintended effects (Marketplace) As states roll out their electronic visit verification apps, patients and home caregivers are facing hurdles.
Security Patches, Mitigations, and Software Updates
Google updates timeline for unpopular Privacy Sandbox, which will kill third-party cookies in Chrome by 2023 (Register) ‘The W3C doesn’t get to be the boss of anyone, the decisions are going to be made at each of the browsers’
Average data breach cost surpasses $4 million in 2021, record growth of 10% YoY (Atlas VPN) According to data presented by Atlas VPN, the average financial damages caused by a data breach grew around 10% year over year to $4.24 million in 2021. This is the highest increase in a single year since the start of the reporting period in 2015.
Malware business in India is thriving and Covid pandemic has a role to play (The New Indian Express) If the digital economy needed a shot in the arm, Covid pandemic provided just that.
Aussie orgs most likely to pay ransomware attackers: IDC (CRN Australia) As the rate of ransomware attacks continues to rise.
Israeli cybersecurity firm Riskified holds Wall Street IPO at $3.3B valuation (Times of Israel) Company’s share price soars 30% as trading begins on New York Stock Exchange; becomes 10th Israeli startup to hold US public offering this year
Finite State Raises $30M Series B to Secure the Connected Device Supply Chain (Finite State) Funding from Energize Ventures, Schneider Electric Ventures, and Merlin Ventures will help Finite State scale in response to increasing risk …