CryptoCore pulls off heists worth $200M since 2018, Sony launches PlayStation bug bounty program, and more

Major cybersecurity events on 25th June 2020 (Evening Post): Data breach at senior care provider Cano Health went unnoticed for two years. WikiLeaks founder Julian Assange faces more serious accusations of conspiring with Anonymous and LulzSec hackers.

Round Up of Major Breaches and Scams

CryptoCore hackers made over $200M breaching crypto exchanges

A hacking group known as CryptoCore has pulled off cryptocurrency heists worth $70 million, but research indicates that the total may be an estimated $200 million or more since 2018. According to a new report by cybersecurity firm ClearSky, the group, also known as “Dangerous Password” or “Leery Turtle”, targets cryptocurrency exchanges by conducting spear-phishing campaigns against employees and executives.

Two-Year Data Breach at Florida Senior Care Provider

A cybersecurity breach at a Florida senior care provider went unnoticed for two years and impacted patient data. Cano Health discovered in April 2020 that some email accounts belonging to its employees had been compromised by threat actors. After investigating the incident, the healthcare company found that the accounts had been accessed multiple times in a prolonged security breach.

Exposed Frost & Sullivan databases for sale on hacking forum

U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum. Frost & Sullivan is a business consulting firm that assists companies in growth strategy, market research, and corporate training.

WikiLeaks founder charged with conspiring with Anonymous and LulzSec hackers

The US Department of Justice today filed a superseding indictment against WikiLeaks founder Julian Assange. The newly updated indictment clarifies the depth of Assange’s alleged crimes by broadening the original charges to include more serious accusations that the WikiLeaks founder conspired with and tried to recruit Anonymous and LulzSec hackers to carry out hacking on his behalf.

Round Up of Major Malware and Ransomware Incidents

REvil ransomware gang scans healthcare victim’s network for PoS systems

Researchers from Symantec’s Threat Intelligence team reported that the REvil ransomware operators have been observed scanning one of their victims’ networks for Point of Sale (PoS) servers. The Sodinokibi ransomware operators are very active in this period: a few days after the gang leaked the files allegedly stolen from Elexon, it announced the launch of an auction site to sell the data of victims who have chosen not to pay the ransom.

Round Up of Major Vulnerabilities and Patches

VMware Patches Several Vulnerabilities Allowing Code Execution on Hypervisor

The most serious of the vulnerabilities is CVE-2020-3962, a critical use-after-free bug related to the SVGA device. An attacker who has local access to a virtual machine (VM) with 3D graphics enabled can exploit the weakness for arbitrary code execution on the hypervisor from the VM.

Sony launches PlayStation bug bounty program with $50K+ rewards

Sony today announced the launch of a public PlayStation bug bounty program. According to the company’s new PlayStation bug bounty program (aka Vulnerability Disclosure Program) hosted on HackerOne, Sony wants the research community to report any issues found in the PlayStation 4 system, operating system, accessories, and the PlayStation Network.

Microsoft: Attackers increasingly exploit Exchange servers

Microsoft’s Defender ATP Research Team today issued guidance on how to defend against attacks targeting Exchange servers by blocking malicious activity identified with the help of behavior-based detection. The Microsoft researchers based their analysis on multiple campaigns of Exchange attacks investigated during early April, which showed how malicious actors were deploying web shells on on-premises Exchange servers.