
Telecom giant Orange confirms ransomware attack, Diebold Nixdorf warns of jackpotting attacks targeting ATMs, and more

Major cybersecurity events on 17th July 2020 (Morning Post): Seven ransomware families designed to kill running processes target industrial software. CryptBB introduces a new platform to help young hackers hone their skills. UK, US and Canada claim Russian hackers hacked vaccine trials.

Round Up of Major Breaches and Scams

UK, US, Canada Accuse Russia of Hacking Virus Vaccine Trials

Britain, the United States and Canada accused Russian hackers on Thursday of trying to steal information from researchers seeking a coronavirus vaccine, warning scientists and pharmaceutical companies to be alert for suspicious activity. Intelligence agencies in the three nations alleged that the hacking group APT29, also known as Cozy Bear and said to be part of the Russian intelligence services, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development.

VPN firm that claims zero logs policy leaks 20 million user logs

The VPN company in question is the Hong Kong-based UFO VPN, owned by Dreamfii HK Limited. Perhaps the most ironic moments in the cybersecurity world occur when those who promise to protect your online privacy cannot guard their own turf. We’ve seen this happen from time to time with security firms getting hacked themselves. A similar case emerged recently when the database of a Hong Kong-based VPN provider called UFO VPN was exposed with more than 20 million user logs.

Amazon-Themed Phishing Campaigns Swim Past Security Checks

A pair of recent campaigns aim to lift credentials and other personal information under the guise of Amazon package-delivery notices. Amazon in the era of COVID-19 has become a staple of many people’s lives, as they order everything from sourdough starter to exercise equipment. Cybercrooks have latched onto the delivery behemoth as a lure for phishing emails, knowing that plenty of legitimate delivery messages are also making it into people’s inboxes and offering cover.

Threat Actors Introduce Unique ‘Newbie’ Hacker Forum

CryptBB becomes more inclusive by inviting less experienced hackers to learn from expert cybercriminals and one another. A well-known private hacking forum has recently become more inclusive, introducing a new platform to help newbie threat actors flourish and hone their expertise, research has found. The discovery is unique, as private hacker forums tend to be the exclusive province of elite cybercriminals.

Round Up of Major Malware and Ransomware Incidents

Seven Ransomware Families Target Industrial Software

A total of seven ransomware families have been found to target processes associated with operational technology (OT) software, and FireEye this week published an analysis of these pieces of malware. Many ransomware families are designed to kill certain types of running processes. They might target security products to prevent them from blocking the attack and they can also terminate critical system.

Orange confirms ransomware attack exposing business customers’ data

Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers. Orange is a French telecommunications company that offers consumer communication services and business services to the enterprise. With 266 million customers and 148,000 employees, Orange is the fourth-largest mobile operator in Europe.

Diebold Nixdorf warns of a new class of ATM ‘black box’ attacks across Europe

ATM maker Diebold Nixdorf is warning banks of a new type of ATM “black box” attack that was recently spotted in use across Europe. ATM “black box” attacks are a type of jackpotting attack, in which cybercriminals make an ATM spit out cash. A jackpotting attack can be executed with malware installed on an ATM, or by using a “black box.” A black box attack is when an intruder unfastens an ATM's outer case to access its ports, or cuts a hole in the casing for direct access to its internal wiring or other hidden connectors.

Round Up of Major Vulnerabilities and Patches

Critical Vulnerabilities Can Be Exploited to Hack Cisco Small Business Routers

Cisco on Wednesday released security advisories to inform customers of several critical vulnerabilities that can be exploited remotely to hack small business routers and firewalls that are no longer being sold. One of the critical flaws, which is tracked as CVE-2020-3330 and has a CVSS score of 9.8, affects Cisco Small Business RV110W Wireless-N VPN firewalls.