Cybersecurity Weekly: Kaspersky busts hacker group, German police raid dark web bunker, Baltimore had no backups before ransomware attack

October 7, 2019 by Sam Fay

Kaspersky busts a hacking group using their own AV. German police raid a dark web bunker, shutting down more than 200 servers. The city of Baltimore reports that it had no backups when it was hit with ransomware back in May 2019. All this, and more, in this week’s edition of Cybersecurity Weekly.

1. Kaspersky finds Uzbekistan hacking group using its antivirus program

A new threat actor tied to Uzbekistan’s State Security Service has been unmasked by threat researchers at Kaspersky Lab. The unmasking wasn’t very hard to do, since the government group used Kaspersky antivirus software. That antivirus installed on the hackers’ computers sent binaries of the malware back to Kaspersky for analysis.

2. Breaking into a Jeep using radio frequency jamming

Documented in their blog post, offensive security enthusiasts Anthony Rose and Jacob Krasnov chose a unique target to experiment on: a Jeep Wrangler. By mimicking the radio signals sent by the key fob, they were able to unlock the car and activate the remote starter.

3. U.S. Senate passes bill aimed at combating ransomware attacks

The proposed law authorizes the Department of Homeland Security to invest in and develop “incident response teams” to help organizations battle ransomware attacks. Under the proposed law, DHS would create teams to protect state and local entities from cyber threats, as well as restore infrastructure that has been affected by ransomware attacks.

4. German police raid “Cyberbunker 2.0” in dark web market sting

German authorities arrested seven people in connection with the raid of a dark web hosting operation that allegedly supported multiple cybercrime and drug markets with hundreds of servers buried inside a military bunker. Police reportedly seized $41 million worth of funds and more than 200 servers allegedly tied to these markets.

5. City of Baltimore reportedly had no data backup process before ransomware attack

A new audit has shown that prior to the ransomware attack in May 2019, in many instances, the only copies of critical data that Baltimore had were those stored on user systems. Despite concerns over damaging ransomware attacks, the city’s IT department had no cloud backup or other data-recovery mechanisms in place. Many employees were simply saving files to their local computer.

6. Hacker steals over 218 million Zynga gamers’ data

Going by the online alias Gnosticplayers, the serial hacker told The Hacker News that he managed to breach Words With Friends, a popular Zynga-developed word puzzle game, and access a massive database of more than 218 million users. The data breach affected all players who installed and signed up for the Words With Friends game before September 3, 2019.

7. Ten hospitals in Alabama and Australia hit with ransomware attacks

Several hospitals and health service providers from the U.S. and Australia were hit by ransomware attacks that forced the administrators to shut down part of their IT infrastructure. “A criminal is limiting our ability to use our computer systems in exchange for an as-yet unknown payment,” an affected healthcare provider wrote in a press release.

8. Comodo Forums hack exposes 245,000 users’ data

Cybersecurity company Comodo has become one of the major victims of a recently disclosed vBulletin zero-day vulnerability, exposing account information of approximately 245,000 users registered with the company’s websites. Included in the breached database were users’ names, usernames, email addresses, hashed passwords, IP addresses and social media usernames.

9. Facebook patches critical WhatsApp security flaw

This week, a security researcher posted details on a new remotely exploitable vulnerability in WhatsApp. Attackers could leverage this via a malicious GIF to steal messages, video, audio and other content from devices running the app. The disclosure on GitHub is the second critical vulnerability involving WhatsApp in recent months.

10. 49% of infosec pros are awake at night worrying about their organization’s cybersecurity

According to a BitDefender study of over 6,000 cybersecurity professionals, more than half are worried about their organization’s ability to deal with a global cyberattack. More than a third of respondents also report that there is a lack of cybersecurity understanding from their employees.
