Round Up of Major Breaches and Scams
Emergency services across at least 14 US states reported outages of their 911 lines on Monday. Issues were reported by police departments in counties across Arizona, California, Colorado, Delaware, Florida, Illinois, Indiana, Minnesota, Nevada, North Carolina, North Dakota, Ohio, Pennsylvania, and Washington. Impacted counties reported losing connectivity for 911 phone and SMS services, but did not provide any technical details about the source of the outage.
Office 365 is currently suffering an outage in the United States and Australia that prevents users from logging in to their accounts. Starting at approximately 5:15 PM EST today, Office 365 users in the United States and Australia began having difficulty logging in to their email accounts or accessing email. When attempting to log in to their accounts, users are shown an error stating “AADSTS90033: A transient error has occurred. Please try again,” or other error messages.
Operation Sidecopy cyber attacks, continuously observed since 2019, are highly targeted at India. The campaign, dubbed ‘Operation Sidecopy’, uses remote access malware that can escalate its privileges on compromised systems and thus easily steal data from an infiltrated computer. Cyber security researchers at Seqrite, the cyber security solutions arm of Quick Heal, believe that the main tools used in Operation Sidecopy show an association with Transparent Tribe, which Seqrite believes is being backed by China to gather intelligence against India.
A health insurance company in Washington state has been slapped with the second-largest ever HIPAA violation penalty. The Department of Health and Human Services’ Office for Civil Rights (OCR) has imposed a $6.85m penalty on Premera Blue Cross to resolve potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Premera Blue Cross is a not-for-profit Blue Cross Blue Shield licensed health insurance company based in Mountlake Terrace. In 2014, the company suffered a data breach that impacted the protected health information (PHI) of 10.4 million people.
The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election season. Threat actors are actively spreading false information about successfully compromised voting systems and voter registration databases “to manipulate public opinion, sow discord, discredit the electoral process,” and to weaken the public’s trust in US institutions, according to the two agencies.
Round Up of Major Malware and Ransomware Incidents
Today’s news that French shipping giant CMA CGM has been hit by a ransomware attack means that all four of the biggest maritime shipping companies in the world have been hit by cyber-attacks in the past four years, since 2017. On top of these, we also have CMA CGM, which today took down its worldwide shipping container booking system after its Chinese branches in Shanghai, Shenzhen, and Guangzhou were hit by the Ragnar Locker ransomware.
Universal Health Services, which operates over 400 hospitals and healthcare facilities in the US, Puerto Rico, and the UK, said on Monday that its IT network was offline due to an unspecified cybersecurity issue. “We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible,” the biz said in a statement. “In the meantime, our facilities are using their established back-up processes including offline documentation methods.”
Taiwanese hardware vendor QNAP urged customers last week to update the firmware and apps installed on their network-attached storage (NAS) devices to avoid infections with a new strain of ransomware named AgeLocker. The ransomware has been active since June this year, when it first began claiming victims. It was named AgeLocker for its use of the Actually Good Encryption (AGE) algorithm to encrypt files. The AGE encryption algorithm is considered cryptographically secure, which means encrypted files can’t be recovered without paying the ransom demand.
An Avast security researcher reverse-engineered an IoT coffee machine to upload ransomware and mine Monero coin. Smart appliances have always remained a risky option for consumers, specifically when it comes to coffee machines. Back in 2015, Pen Test Partners researchers discovered security flaws in the first version of the Smarter iKettle brand of coffee machine that let them recover its Wi-Fi encryption keys.
Round Up of Major Vulnerabilities and Patches
Researchers warn of emails pretending to help business employees upgrade to Windows 10 – and then stealing their Outlook emails and passwords. An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems – but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life (EOL) on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.