Categories
Breach Bug Cyber Security Data leak DDoS Hacking Malware Phishing Ransomware Vulnerability

Twitter, Facebook to testify over NYP article, Japanese Shionogi & Co. suffers data breach, and more

Major cybersecurity events on 23rd October 2020 (Evening Post): Russian state-backed hackers, codenamed Energetic Bear, gained access to US governmental networks. Man hacks four Rajasthan schools’ server, issues transfer certificates to 130 students alleging harassment against them.

Round Up of Major Breaches and Scams

Victims promised fictitious vouchers in M&S scam

Cybercriminals have impersonated Marks & Spenser’s CEO, Steve Rowe, in order to trick customers into revealing their bank account details. The scammer’s poster fraudulent adverts promising victims the opportunity to win a gift voucher as part of a prize draw promotion while under the guise of CEO Steve Rowe. Once victims had clicked the ad they were taken to an M&S-branded portal which asked for their name, mobile phone number, address and bank details including their account number and sort code.

Twitter and Facebook ordered to testify over Biden New York Post article

Facebook and Twitter chief’s, Mark Zuckerberg and Jack Dorsey, will be ordered to testify over the alleged censorship of a New York Post article shared on their platforms. The article reveals emails and photographs copied from Hunter Biden, Joe Biden’s son’s laptop. Twitter said that the article had violated its “hacked materials” policy and was blocking users from sharing the article, but it later changed its stance. Facebook limited the spread on the article on their newsfeed while it was being fact-checked.

Japanese drug firm Shionogi hit by cyberattack and data breach

Japanese pharmaceutical firm Shionogi & Co. said Thursday that its Taiwanese subsidiary was hit by a cyberattack earlier this month leading to a data breach, although no information regarding the novel coronavirus vaccine it is currently developing was leaked. The attack was announced this week by the REvil (Sodinokibi) ransomware group, who posted a screenshot of the directory of files on Shionogi’s system with a note.

Russian state-backed hackers gained access to government networks

The FBI and CISA have announced that Russian hackers have breached US governmental networks. The group has been identified under the codename Energetic Bear and are backed by the Russian state. Government officials have said this group have been targeting several local, territorial and tribal government networks since February. As of the 1st of October, Energetic Bear had successfully lifted data from at least two servers.

Alleging harassment of kids admitted under RTE, Rajasthan man hacks schools’ servers

Alleging harassment of kids admitted under RTE, Rajasthan man hacks schools’ servers. A man allegedly hacked the server of four schools and issued transfer certificates of 130 students in Rajasthan’s Sikar district. He then wrote to the district superintendent of police and district education officer, confessing to his crime and alleging that these schools were pressuring the families of children admitted under the Right to Education act.

Data on 2,750 partner firms of Japan Post unit leaked

A computer file containing data on 2,750 business partners of a unit of Japan Post Co. has been leaked, the parent company said Tuesday. On Oct. 6, an employee of the Tokyo-based unit, Japan Post Trading Service Co., which conducts catalog-based sales of midsummer and year-end gifts handled at post offices, mistakenly attached the file to a business email addressed to 32 other partner companies and sent it, according to Japan Post Co., the mail and parcel delivery service arm of Japan Post Holdings Co.

Round Up of Major Malware and Ransomware Incidents

Destructive Malware Spotted in Recent Attacks Launched by Iranian Cyberspies

The Iran-linked cyber-espionage group known as Seedworm appears to have added a new downloader to its arsenal and to have started conducting destructive attacks, security researchers report. Also referred to as MuddyWater, MERCURY, and Static Kitten, the cyber-espionage group was initially analyzed in 2017. Seedworm shows a focus on targeting Middle Eastern organizations, or those in nearby regions.

Round Up of Major Vulnerabilities and Patches

Infected IoT Devices Surge 100% in a Year

The volume of infected Internet of Things (IoT) devices globally has soared by 100% over the past year, according to new data from Nokia. The telecoms equipment maker’s Threat Intelligence Report 2020 is compiled from data processed by service providers using its NetGuard Endpoint Security tool. It revealed that infected IoT devices now comprise nearly a third (32.7%) of the total, up from 16.2% in the 2019 report.

Chrome 86 Starts Blocking Abusive Notification Permission Requests

Google has stepped up its effort against websites that have a history of sending abusive notification content, by blocking notification permission requests in Chrome 86. This is the latest step Google has taken in this direction, after the introduction of the quiet notification permission UI in Chrome 80 and the automatic enrollment in the quiet notification UI for websites that display abusive notification permission requests starting with Chrome 84.