Categories
Breach Cyber Security Fleeceware Malware Phishing Ransomware Vulnerability

Data breach hits CPA Canada, Kentucky EHP, Maze ransomware targets Conduent, and more

Major cybersecurity events on 5th June 2020 (Evening Post): Hackers from Iran and China target Trump, Biden campaigns. Tycoon ransomware targets Windows, Linux systems using Java image format. Fraudulent iOS VPN apps on Apple App Store scam users.

Round Up of Major Breaches and Scams

CPA Canada discloses data breach affecting 329,000 individuals

Chartered Professional Accountants of Canada (CPA) today disclosed that a cyberattack against the CPA Canada website allowed unauthorized third parties to access the personal information of over 329,000 members and other stakeholders. CPA Canada is a national organization with more than 217,000 Chartered Professional Accountants as members and one of the largest national accounting bodies in the world.

Two Data Breaches Hit Kentucky Employees’ Health Plan

Nearly a thousand members of Kentucky Employees’ Health Plan (KEHP) were victims of a data breach that took place in late April and mid-May, according to a statement released by the Commonwealth of Kentucky Personnel Cabinet on June 2. During the first attack, from April 21 to 27, 971 KEHP members accounts were accessed by a “bad actor” who used valid login information to infiltrate StayWell, a third-party vendor utilized by KEHP members for their well-being and incentive portal.

Biden, Trump Campaigns Targeted by Foreign Hackers: Google

A tweet from Google’s threat analysis chief Shane Huntley said the internet giant warned the Biden campaign about “phishing” efforts from China and the Trump campaign from Iran. “No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement,” Huntley wrote.

Round Up of Major Malware and Ransomware Incidents

Tycoon Ransomware Banks on Unusual Image File Tactic

A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment (JRE), according to researchers at BlackBerry Cylance, and has been around since December.

Business services giant Conduent hit by Maze Ransomware

The Maze Ransomware operators are claiming to have successfully attacked business services giant Conduent, where they stole unencrypted files and encrypted devices on their network. Conduent is a New Jersey, USA based business services firm with 67,000 employees and a 2019 business revenue of $4.47 billion.

Fraudulent iOS VPN Apps Attempt to Scam Users

Digital security and privacy company Avast has issued a warning after it discovered three VPN Apps, available on the Apple App Store, which it claimed are fraudulent and appear to be ‘fleeceware’ – apps that are not ‘malicious’ but do not provide the services they claim to and/or are sold at far higher prices than they should be.

Round Up of Major Vulnerabilities and Patches

Hackers Attempted to Steal Credentials From Millions of WordPress Websites

According to WordPress security company Defiant, its firewall blocked more than 130 million attempts to collect database credentials from 1.3 million sites between May 29 and May 31. The number of requests peaked on May 30, when 75% of the total exploit attempts were observed by the company. After May 31, the attack volume dropped to what the firm usually sees.