Round Up of Major Breaches and Scams
Premier Kids Care, Inc. (PKC) of Georgia provides specialized pharmacy and home clinical services for children with diabetes, endocrinological, and perinatal needs. On April 6, 2020, PKC discovered it had been targeted by a cyberattack and that an unauthorized actor had gained access to PKC systems. An investigation into the incident revealed that the unauthorized actor did obtain some personal information stored on a company computer, although the information did not include any Social Security numbers or financial information.
Experts uncovered a massive fraud operation that used a network of mobile device emulators to steal millions of dollars from online bank accounts. Researchers from IBM Trusteer have uncovered a massive fraud operation that leveraged a network of mobile device emulators to steal millions of dollars from online bank accounts in a few days. The cybercriminals used about 20 mobile device emulators to mimic the phone of over 16,000 customers whose mobile bank accounts had been compromised.
US DOE confirmed that threat actors behind the recent SolarWinds supply chain attack also hacked the networks of the US NNSA nuclear agency. US DOE confirmed this week that threat actors behind the recent SolarWinds supply chain attack also compromised the networks of the US National Nuclear Security Administration (NNSA) agency. “The Department of Energy is responding to a cyber incident related to the Solar Winds compromise in coordination with our federal and industry partners.” said Shaylyn Hynes, DOE Spokeswoman.
Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China — not Russia — may be behind the cyberattack against the United States and tried to minimized its impact. In his first comments on the breach, Trump scoffed at the focus on the Kremlin and downplayed the intrusions, which the nation’s cybersecurity agency has warned posed a “grave” risk to government and private networks.
A business app developer’s unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal. Information contained in the blob included occupational health assessments, insurance claim documents from US firms underwritten by Lloyds of London, and senior barristers’ private opinions about junior colleagues applying for promotion.
The huge data security breach and cyber-ransom attack at Finland’s Vastaamo Psychotherapy Centre has provoked a swift response from the government, which is primed to introduce more rigid laws and measures to protect the country’s databases and sensitive information from cyber criminals. In a significant bolstering of Finland’s data security laws, new legislation will require all enterprises offering social and healthcare services to join Kanta’s state-run national digital services platform.
Telangana state government took over three months to protect sensitive details of its employees and pensioners from its website. The Indian Computer Emergency Response Team (CERT-In) confirmed the vulnerability and replied on email in September to say that the authorities had been intimated about the issue, and Telangana IT Secretary Jayesh Ranjan assured a fix. In August, a server misconfiguration was found on the Telangana government site that risked exposing over 130,000 official files.
Round Up of Major Malware and Ransomware Incidents
Attacks conducted by Iranian hackers against Israeli companies involved the deployment of ransomware and theft of information, threat intelligence company ClearSky reported last week. Observed in November and December 2020 and collectively referred to as operation Pay2Key, the attacks appear to be the work of Iranian state-sponsored threat actor Fox Kitten. Also referred to as Parisite and PIONEER KITTEN, the activity associated with Fox Kitten is said to represent a collaboration between two known state-sponsored Iranian groups, namely APT33 and APT34.
Round Up of Major Vulnerabilities and Patches
At least 36 Al Jazeera journalists, producers, anchors, and executives, along with a journalist at London-based Al Araby TV, had their iPhones hacked using a no-user-interaction zero-day vulnerability in the iOS iMessage app, an academic research group said today. Citizen Lab, a cybersecurity and human rights abuse research group at the University of Toronto, said the zero-day was part of an exploit chain named Kismet that was created and sold by NSO Group, a well-known vendor of spyware and surveillance products.
Recently discovered Gitpaste-12 worm that spreads via GitHub and also hosts malicious payload on Pastebin, has returned with even more exploits. The first iteration of Gitpaste-12 shipped with reverse shell and crypto-mining capabilities and exploited over 12 known vulnerabilities, therefore the moniker. This time, the advanced worm and botnet has returned with over 30 vulnerability exploits.
A Nepal-based IT security researcher Saugat Pokharel identified a Facebook bug that exposed the private data of Instagram users, including their email addresses and birthdays. Ironically, the service promises users that such information won’t be disclosed to the public at the time of registration. According to Pokharel who was participating in the Facebook bug bounty program, the bug made it easy for an attacker to get such private information from Instagram users.