Round Up of Major Breaches and Scams
Italian police arrested two people that have stolen 10 GB of confidental and alleged secret data from the defense company Leonardo S.p.A. Italian police have arrested two people that have been accused of stealing 10 GB of confidental data and military secrets from defense company Leonardo S.p.A. Leonardo is a state-owned multinational company and one of the world’s largest defense contractors.
A school IT teacher was jailed for six years today after hacking his pupils’ phones to steal naked selfies of teenage girls and storing them on his computer. High school technology expert Richard Edmunds, 40, told pupils he could fix their broken devices but took their private nude picture when he took their phones home. Edmunds targeted a string of girls while working at a high school in Cardiff to gain iCloud passwords to download more than 1,700 images onto his home computer.
Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. MetaMask has a community of more than one million users. The site offers an Ethereum cryptocurrency wallet in the browser via a browser extension that lets distributed applications read from the blockchain.
A food bank in Philadelphia has ended up out of pocket after scammers successfully tricked it out of almost one million dollars. As The Philadelphia Inquirer reports, hunger relief group Philabundance – which each year receives tens of millions of dollars in donations – was in the process of completing a $12 million construction project of a new community kitchen when the scammers struck.
When the personal data of 186,000 people was breached in a phishing attack on Service NSW in March, the weakness cyber criminals were able to exploit was actually paper. Passports, banking and Medicare details were potentially exposed in photocopied and scanned paper documents stored inside the email accounts of 47 Service NSW employees, which were targeted in the attack.
Round Up of Major Malware and Ransomware Incidents
LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020. The company focuses on the design of small and medium-class civilian helicopters such as the SH09 helicopter.
The ransomware attack was carried out by the Conti ransomware operator in November 2020. A dental clinic in Georgia, Galstan & Ward Family and Cosmetic Dentistry, suffered a ransomware attack. Interestingly, the facility discovered it after the attackers called to inform them about the attack. Drs. Galstan and Ward did notice that their computer systems displayed some anomalies.
Acronis, a Switzerland based IT and cybersecurity company surveyed 3,400 IT managers from 17 countries across four continents: Australia, Bulgaria, Canada, France, Germany, India, Italy, Japan, Netherlands, Singapore, South Africa, Spain, Sweden, Switzerland, UAE, UK, and the US from both private and public sector. Their report investigates the increase/decrease of cyber attacks and cyber readiness of companies during covid-19 as in their own words, “the COVID-19 pandemic has crippled businesses worldwide”.
In attempts to put pressure on victims, some ransomware gangs are now cold-calling victims on their phones if they suspect that a hacked company might try to restore from backups and avoid paying ransom demands. “We’ve seen this trend since at least August-September,” Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet on Friday. Ransomware groups that have been seen calling victims in the past include Sekhmet (now defunct), Maze (now defunct), Conti, and Ryuk, a spokesperson for cyber-security firm Emsisoft told ZDNet on Thursday.
Cyberattack hackers said they’d leak more of the company’s data if it failed to pay $1 million bitcoin ransom. Israel’s Shirbit insurance company, which has reportedly been the victim of an extensive data breach carried out by the Black Shadow group, refused to meet a 9 a.m. Sunday deadline to prevent more of the company’s information being released, Channel 13 reported and cited in The Jerusalem Post.
Round Up of Major Vulnerabilities and Patches
Microsoft is testing a way to quickly bring new features and improvements to Windows 10 outside of the regularly scheduled Windows updates. Historically, when Microsoft wants to bring a new feature or improvement to Windows 10, they include them in scheduled cumulative updates or feature updates. However, scheduled updates make it difficult to quickly roll out a new improvement or fix a discovered bug in an existing feature.
Microsoft’s digital assistant Cortana was first unveiled with Windows Phones and it is now included in all versions of Windows 10. Cortana is evolving, and it’s here to stay, but it’s no secret that many users aren’t really big fans of Cortana after consumer-centric features were removed in May 2020 Update. Microsoft promised that Cortana will eventually get better with regular updates via the Windows Store and the company is finally testing a new feature that could be proven useful for Cortana users.
The group of cyber mercenaries tracked as DeathStalker has been using a new PowerShell backdoor in recent attacks. The cyber mercenaries group known as DeathStalker has been using a new PowerShell backdoor in recent attacks. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.