Categories
BEC Breach Bug Cyber Security Data leak Malware Phishing Ransomware Ryuk Scam Social Engineering Vulnerability

Interpol Arrests 3 Nigerian BEC Scammers, Danish news agency Ritzau refuses to pay after ransomware attack, and more

Major cybersecurity events on 26th November 2020 (Morning Post): Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities, Xbox bug could have allowed hackers to link gamer tags with players’ emails, Danish news agency Ritzau refuses to pay after ransomware attack.

Round Up of Major Breaches and Scams

Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities

Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday.

Disabled children’s names revealed in Bristol City Council email

The identities of hundreds of families with disabled children have been shared with other parents without their consent. Bristol City Council sent an email asking for views on a new support service to hundreds of people. The names of all the children and the email addresses of their primary carers were viewable to all recipients. The authority said it has apologised and was investigating.

Round Up of Major Malware and Ransomware Incidents

Sopra Steria expects €50 million loss after Ryuk ransomware attack

French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million. Sopra Steria is a European information technology firm with 46,000 employees in 25 countries providing a large array of IT services, including consulting, systems integration, and software development.

Danish news agency Ritzau refuses to pay after ransomware attack

Ritzau, the largest independent news agency in Denmark founded in 1866 by Erik Ritzau, said in a statement that it will not pay the ransom demanded by a ransomware gang that hit its network on Tuesday morning.

Round Up of Major Vulnerabilities and Patches

Xbox bug could have allowed hackers to link gamer tags with players’ emails

Microsoft has patched a bug in the Xbox website that could have allowed threat actors to link Xbox gamer tags (usernames) to users’ real email addresses. The vulnerability was reported to Microsoft through the company’s recently launched Xbox bug bounty program.

2FA Bypass Vulnerability Patched in cPanel & WebHost Manager

cPanel last week released patches to address three vulnerabilities in cPanel & WebHost Manager (WHM), including one leading to two-factor authentication bypass. A suite of tools built for Linux, cPanel & WHM helps hosting providers and users automate management and web hosting tasks.