Cybersecurity Weekly: Kaspersky busts hacker group, German police raid dark web bunker, Baltimore had no backups before ransomware attack
Kaspersky busts a hacking group using their own AV. German police raid a dark web bunker, shutting down more than 200 servers. The city of Baltimore reports that it had no backups when it was hit with ransomware back in May 2019. All this, and more, in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. Kaspersky finds Uzbekistan hacking group using its antivirus program
A new threat actor tied to Uzbekistan's State Security Service has been unmasked by threat researchers at Kaspersky Lab. The unmasking wasn't very hard to do, since the government group used Kaspersky antivirus software. That antivirus installed on the hackers’ computers sent binaries of the malware back to Kaspersky for analysis.
Read more »
2. Breaking into a Jeep using radio frequency jamming
Documented in their blog post, offensive security enthusiasts Anthony Rose and Jacob Krasnov chose a unique target to experiment on: a Jeep Wrangler. By mimicking the radio signals sent by the key fob, they were able to unlock the car and activate the remote starter.
Read more »
3. U.S. Senate passes bill aimed at combating ransomware attacks
The proposed law authorizes the Department of Homeland Security to invest in and develop “incident response teams” to help organizations battle ransomware attacks. Under the proposed law, DHS would create teams to protect state and local entities from cyber threats, as well as restore infrastructure that has been affected by ransomware attacks.
Read more »
4. German police raid “Cyberbunker 2.0” in dark web market sting
German authorities arrested seven people in connection with the raid of a dark web hosting operation that allegedly supported multiple cybercrime and drug markets with hundreds of servers buried inside a military bunker. Police reportedly seized $41 million worth of funds and more than 200 servers allegedly tied to these markets.
Read more »
5. City of Baltimore reportedly had no data backup process before ransomware attack
A new audit has shown that prior to the ransomware attack in May 2019, in many instances, the only copies of critical data that Baltimore had was what was stored on user systems. Despite concerns over damaging ransomware attacks, the city’s IT department had no cloud backup or other data-recovery mechanisms in place. Many employees were simply saving files to their local computer.
Read more »
6. Hacker steals over 218 million Zynga gamers’ data
Going by the online alias Gnosticplayers, the serial hacker told The Hacker News that he managed to breach Words With Friends, a popular Zynga-developed word puzzle game, and access a massive database of more than 218 million users. The data breach affected all players who installed and signed up for the Words With Friends game before September 3, 2019.
Read more »
7. Ten hospitals in Alabama and Australia hit with ransomware attacks
Several hospitals and health service providers from the U.S. and Australia were hit by ransomware attacks that forced the administrators to shut down part of their IT infrastructure. “A criminal is limiting our ability to use our computer systems in exchange for an as-yet unknown payment,” an affected healthcare provider wrote in a press release.
Read more »
8. Comodo Forums hack exposes 245,000 users' data
Cybersecurity company Comodo has become one of the major victims of a recently disclosed vBulletin zero-day vulnerability, exposing account information of approzimately 245,000 users registered with the company’s websites. Included in the breached database were users’ names, usernames, email addresses, hashed passwords, IP addresses and social media usernames.
Read more »
9. Facebook patches critical WhatsApp security flaw
This week, a security researcher posted details on a new remotely exploitable vulnerability in WhatsApp. Attackers could leverage this via a malicious GIF to steal messages, video, audio and other content from devices running the app. The disclosure on GitHub is the second critical vulnerability involving WhatsApp in recent months.
Read more »
See Infosec IQ in action
10. 49% of infosec pros are awake at night worrying about their organization’s cybersecurity
According to a BitDefender study of over 6,000 cybersecurity professionals, more than half are worried about their organization's ability to deal with a global cyberattack. More than a third of respondents also report that there is a lack of cybersecurity understanding from their employees.
Read more »
In this Series
- Cybersecurity Weekly: Kaspersky busts hacker group, German police raid dark web bunker, Baltimore had no backups before ransomware attack
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
