Round Up of Major Breaches and Scams
Suspected North Korean hackers have tried to break into the systems of British drug maker AstraZeneca in recent weeks. The hackers posed as recruiters on networking site LinkedIn and WhatsApp to approach AstraZeneca staff with fake job offers. They then sent job descriptions laced with malicious code to gain access to a victim’s computer.
Personal information, including driving licence numbers and phone numbers, of 21,000 British motorists has reportedly been stolen by cyber criminals and put up for sale on dark web marketplaces. The hackers obtained the records after breaching a web server owned by an insurance company.
Manchester United has been unable to fully restore its computer systems a week after being targeted in a cyberattack. The Premier League club’s staff still did not have access to email, and some other functions were also unavailable.
Scammers are trying to steal email credentials from employees by impersonating their organization’s human resources (HR) department in phishing emails camouflaged as internal ‘back to work’ company memos. These phishing messages have managed to land in thousands of targeted individuals’ mailboxes after bypassing G Suite email defenses.
A criminal organization has stolen money from at least 35 ATMs and Post Office cash dispensers operated by Italian banks with a new black box attack technique. The Carabinieri of Monza dismantled the gang, and the Italian law enforcement agency confirmed that the cybercrime organization stole about 800,000€ in just 7 months.
Round Up of Major Malware and Ransomware Incidents
The Conti ransomware gang infected the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is demanding a ransom of over $13 million (roughly 750 BTC) to avoid leaking stolen files and to provide a key to restore the encrypted files.
Round Up of Major Vulnerabilities and Patches
Drupal has released emergency security updates to address a critical vulnerability with known exploits that could be used to achieve arbitrary PHP code execution on some CMS versions. The Drupal project uses the PEAR Archive_Tar library, which was recently updated to address CVE-2020-28948 and CVE-2020-28949.
Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow attackers to hack industrial control systems. Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012.