Round Up of Major Breaches and Scams
Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday.
The identities of hundreds of families with disabled children have been shared with other parents without their consent. Bristol City Council sent an email asking for views on a new support service to hundreds of people. The names of all the children and the email addresses of their primary carers were viewable to all recipients. The authority said it has apologised and was investigating.
Round Up of Major Malware and Ransomware Incidents
French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million. Sopra Steria is a European information technology firm with 46,000 employees in 25 countries providing a large array of IT services, including consulting, systems integration, and software development.
Ritzau, the largest independent news agency in Denmark founded in 1866 by Erik Ritzau, said in a statement that it will not pay the ransom demanded by a ransomware gang that hit its network on Tuesday morning.
Round Up of Major Vulnerabilities and Patches
Microsoft has patched a bug in the Xbox website that could have allowed threat actors to link Xbox gamer tags (usernames) to users’ real email addresses. The vulnerability was reported to Microsoft through the company’s recently launched Xbox bug bounty program.
cPanel last week released patches to address three vulnerabilities in cPanel & WebHost Manager (WHM), including one leading to two-factor authentication bypass. A suite of tools built for Linux, cPanel & WHM helps hosting providers and users automate management and web hosting tasks.