Round Up of Major Breaches and Scams
A hacking group known as CryptoCore has pulled off cryptocurrency heists worth $70 million, though research indicates the total since 2018 may be an estimated value of over $200 million. According to a new report by cybersecurity firm ClearSky, the group, also known as “Dangerous Password” or “Leery Turtle”, targets cryptocurrency exchanges by conducting spear-phishing campaigns against employees and executives.
A cybersecurity breach at a Florida senior care provider went unnoticed for two years and impacted patient data. Cano Health discovered in April 2020 that some email accounts belonging to its employees had been compromised by threat actors. After investigating the incident, the healthcare company found that the accounts had been accessed multiple times in a prolonged security breach.
U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum. Frost & Sullivan is a business consulting firm that assists companies in growth strategy, market research, and corporate training.
The US Department of Justice today filed a superseding indictment against WikiLeaks founder Julian Assange. The newly updated indictment clarifies the depth of Assange’s alleged crimes by broadening the original charges to include more serious accusations that the WikiLeaks founder conspired with and tried to recruit Anonymous and LulzSec hackers to carry out hacking on his behalf.
Round Up of Major Malware and Ransomware Incidents
Researchers from Symantec’s Threat Intelligence team reported that the REvil ransomware operators have been observed scanning one of their victims’ networks for Point of Sale (PoS) servers. Sodinokibi ransomware operators are very active in this period: a few days after leaking the files allegedly stolen from Elexon, the gang announced the launch of an auction site to sell the data of victims who have chosen not to pay the ransom.
Round Up of Major Vulnerabilities and Patches
The most serious of the vulnerabilities is CVE-2020-3962, a critical use-after-free bug related to the SVGA device. An attacker who has local access to a virtual machine (VM) with 3D graphics enabled can exploit the weakness for arbitrary code execution on the hypervisor from the VM.
Sony today announced the launch of a public PlayStation bug bounty program. According to the company’s new PlayStation bug bounty program (aka Vulnerability Disclosure Program) hosted on HackerOne, Sony wants the research community to report any issues found in the PlayStation 4 system, operating system, accessories, and the PlayStation Network.
Microsoft’s Defender ATP Research Team today issued guidance on how to defend against attacks targeting Exchange servers by blocking malicious activity identified with the help of behavior-based detection. The Microsoft researchers based their analysis on multiple campaigns of Exchange attacks investigated during early April, which showed how the malicious actors were deploying web shells on on-premises Exchange servers.