Round Up of Major Breaches and Scams
“It’s happened before. In 2019, I reported on another onlinebloodbank that wouldn’t respond to notifications. I was therefore not surprised when eventually their data showed up on an online forum for sharing and selling databases. Has their data actually been misused by criminals? I do not know, but I would not be surprised if it had been at least misused for spam purposes.”
Cano Health LLC is advising its patients of a privacy event that may have compromised certain personal information. The company recently learned on April 13, 2020 that three employee email accounts were accessed by an unknown perpetrator, and that messages from these accounts may have been forwarded to an outside email account without its knowledge.
Suresh Prajapati, 48, filed a complaint of theft against six employees working at his firm for stealing software, data and source code and selling it to other companies. A Ghodasar businessman having his software company in Jodhpur in Satellite has filed a complaint of cheating of Rs. 40 Lakhs against six of his employees for sale of software and related products to companies outside his knowledge.
Researchers at Lucy Security recently discovered that a Russian hacker named m1x breached a Mexican government web portal and three days later once the government refused to pay a ransom, publicly-released some 14,000 Mexican taxpayer ID numbers.
Threat actors hiding malware in adult content are targeting mobile users over those who turn to their PCs to get turned on. Research published by Kaspersky found that while PC threats masquerading as pornography fell by 40% in 2019, attacks on mobile users increased. Kaspersky’s review of 2019 threat activity discovered that the number of mobile users attacked by threats disguised as pornographic content grew two-fold in 2019, reaching 42,973 users, compared to the 19,699 targeted in 2018.
Round Up of Major Malware and Ransomware Incidents
Electronic Waveform Lab, Inc. announced today it is notifying individuals of a ransomware incident that affected some of its servers that contained certain patient information. On April 11, 2020, Electronic Waveform Lab became aware of the ransomware incident affecting its computer servers. Electronic Waveform Lab immediately began an investigation, promptly notified law enforcement, and an outside forensic firm was engaged to assist.
Researchers warn that the Earth Empusa (aka POISON CARP/Evil Eye) threat group is targeting the Uyghurs, a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East Asia, with new Android spyware dubbed ActionSpy.
Human rights activists in India were targeted by a coordinated spyware campaign from January to October of 2019, according to research published Monday by Amnesty International and the University of Toronto’s Citizen Lab. Nine activists in total were targeted, eight of which have been calling for the release of 11 people jailed during protests related to the violent uprising in Bhima Koregaon, India in 2018.
Intel’s upcoming class of mobile CPUs, code named “Tiger Lake,” will feature a long anticipated security layer, called Control-flow Enforcement Technology (CET), which aims to protect against common malware attacks. CET protects against attacks on processors’ control flow, which refers to the order in which different functions calls are executed.
Round Up of Major Vulnerabilities and Patches
Around 3.5 million security cameras installed in homes and offices mainly in Asia and Europe have serious vulnerabilities that expose the gadgets’ owners to the risk that attackers will spy on them, steal their data or target other devices on the same networks, the United Kingdom’s consumer watchdog Which? has warned.
Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol (GTP), that is used by mobile network operators (MNOs). Threat actors could exploit these flaws to conduct several malicious activities against 4G/5G users.