Leonardo S.p.A. data thieves arrested by Italian police, MetaMask users lose funds to phishing scam, and more

Major cybersecurity events on 7th December 2020 (Morning Post): Food bank loses nearly $1,000,000 in Business Email Compromise scam. LockBit Ransomware operators hit Swiss helicopter maker Kopter. India, third highest in terms of malware attacks, after US and Japan.

Round Up of Major Breaches and Scams

Police arrest two people over stealing sensitive data from defense giant

Italian police have arrested two people accused of stealing 10 GB of confidential data and alleged military secrets from the defense company Leonardo S.p.A. Leonardo is a state-owned multinational company and one of the world’s largest defense contractors.

UK: School IT teacher, 40, is jailed for six years after he hacked into his pupils’ mobile phones to steal naked selfies from teenage girls and store them on his computer

A school IT teacher was jailed for six years today after hacking his pupils’ phones to steal naked selfies of teenage girls and storing them on his computer. High school technology expert Richard Edmunds, 40, told pupils he could fix their broken devices but took their private nude pictures when he took their phones home. Edmunds targeted a string of girls while working at a high school in Cardiff, gaining iCloud passwords to download more than 1,700 images onto his home computer.

MetaMask phishing steals cryptocurrency wallets via Google ads

Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. MetaMask has a community of more than one million users. The site offers an Ethereum cryptocurrency wallet in the browser via a browser extension that lets distributed applications read from the blockchain.

Food bank loses nearly $1,000,000 in Business Email Compromise scam

A food bank in Philadelphia has ended up out of pocket after scammers successfully tricked it out of almost one million dollars. As The Philadelphia Inquirer reports, hunger relief group Philabundance – which each year receives tens of millions of dollars in donations – was in the process of completing a $12 million construction project of a new community kitchen when the scammers struck.

AU: How paper created a vulnerability for cyber criminals to steal 186,000 people’s data

When the personal data of 186,000 people was breached in a phishing attack on Service NSW in March, the weakness cyber criminals were able to exploit was actually paper. Passports, banking and Medicare details were potentially exposed in photocopied and scanned paper documents stored inside the email accounts of 47 Service NSW employees, which were targeted in the attack.

Round Up of Major Malware and Ransomware Incidents

LockBit Ransomware operators hit Swiss helicopter maker Kopter

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The attackers compromised the company’s internal network and encrypted its files. Kopter Group is a Switzerland-based company, founded in 2007, that was acquired by Leonardo in April 2020. The company focuses on the design of small and medium-class civilian helicopters such as the SH09 helicopter.

Dental clinic learns of ransomware attack after phone call from hackers

The ransomware attack was carried out by the Conti ransomware operator in November 2020. A dental clinic in Georgia, Galstan & Ward Family and Cosmetic Dentistry, suffered a ransomware attack. Interestingly, the facility discovered it after the attackers called to inform them about the attack. Drs. Galstan and Ward did notice that their computer systems displayed some anomalies.

Acronis reports India to be third highest in terms of Malware attacks, after US and Japan

Acronis, a Switzerland-based IT and cybersecurity company, surveyed 3,400 IT managers from both the private and public sectors in 17 countries across four continents: Australia, Bulgaria, Canada, France, Germany, India, Italy, Japan, Netherlands, Singapore, South Africa, Spain, Sweden, Switzerland, UAE, UK, and the US. Their report investigates the increase or decrease in cyber attacks and the cyber readiness of companies during COVID-19 because, in their own words, “the COVID-19 pandemic has crippled businesses worldwide”.

Ransomware gangs are now cold-calling victims if they restore from backups without paying

In attempts to put pressure on victims, some ransomware gangs are now cold-calling victims on their phones if they suspect that a hacked company might try to restore from backups and avoid paying ransom demands. “We’ve seen this trend since at least August-September,” Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet on Friday. Ransomware groups that have been seen calling victims in the past include Sekhmet (now defunct), Maze (now defunct), Conti, and Ryuk, a spokesperson for cyber-security firm Emsisoft told ZDNet on Thursday.

Shirbit declines to pay hackers as it faces further threats of leaked documents, increased ransom

The hackers behind the cyberattack said they’d leak more of the company’s data if it failed to pay a $1 million bitcoin ransom. Israel’s Shirbit insurance company, which has reportedly been the victim of an extensive data breach carried out by the Black Shadow group, refused to meet a 9 a.m. Sunday deadline to prevent more of the company’s information being released, Channel 13 reported, as cited in The Jerusalem Post.

Round Up of Major Vulnerabilities and Patches

Microsoft tests new method to release Windows 10 features and fixes

Microsoft is testing a way to quickly bring new features and improvements to Windows 10 outside of the regularly scheduled Windows updates. Historically, when Microsoft wants to bring a new feature or improvement to Windows 10, it includes it in scheduled cumulative updates or feature updates. However, scheduled updates make it difficult to quickly roll out a new improvement or fix a discovered bug in an existing feature.

Hands on with Cortana’s new file finder feature on Windows 10

Microsoft’s digital assistant Cortana was first unveiled with Windows Phones and is now included in all versions of Windows 10. Cortana is evolving, and it’s here to stay, but it’s no secret that many users aren’t really big fans of Cortana after consumer-centric features were removed in the May 2020 Update. Microsoft promised that Cortana will eventually get better with regular updates via the Windows Store, and the company is finally testing a new feature that could prove useful for Cortana users.

Cyber mercenaries group DeathStalker uses a new backdoor

The group of cyber mercenaries tracked as DeathStalker has been using a new PowerShell backdoor in recent attacks. DeathStalker is a hack-for-hire group discovered by Kaspersky; it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.