Cybersecurity Weekly: Ryuk ransomware, U.S. pipeline outage, Chrome privacy update
A Ryuk ransomware attack was sprung by a frugal student. The U.S. declares a state of emergency after ransomware hits their largest fuel pipeline. Google Chrome's new privacy feature restricts online user tracking. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Ryuk ransomware attack sprung by frugal student
A European institute involved in COVID-19 research lost a week’s worth of research data after a Ryuk ransomware attack. This attack was traced back to a student trying to save money by buying unlicensed software that unknowingly contained a remote-access trojan.
2. U.S. declares state of emergency after ransomware hits largest pipeline
After a ransomware attack on Colonial Pipeline forced the company to shut down 5,500 miles of fuel pipeline, the Federal Motor Carrier Safety Administration issued a regional emergency declaration affecting 17 states and the District of Columbia. U.S. officials told multiple publications that Darkside ransomware is responsible for the attack.
3. Google Chrome's new privacy feature restricts online user tracking
Google is adding support for a new HTML tag that prevents user tracking by isolating embedded content from the page embedding it. With browser developers restricting third-party cookies to prevent user tracking, advertising companies proposed different programming APIs that advertisers can use for interest-based advertising.
4. NatWest Bank scheduled payments bug may have cost clients money
Last week, the UK-based NatWest Bank emailed multiple customers to ask them to check their debit transactions over the last year. The email alerts state that due to a system error, many more payments may have been debited from customer accounts than the originally agreed-upon frequency.
5. WhatsApp to restrict features if users refuse Facebook data sharing
WhatsApp says that it will not delete or deactivate the accounts of users who oppose its latest privacy policy update that requires sharing data with Facebook companies. The company backtracks on a previous decision that gave its users a harsh ultimatum to accept sharing their data with Facebook or delete their accounts.
6. Fintech startup offers $500 for payroll passwords
A financial startup is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work. It’s building a platform where people who work multiple jobs and/or side hustles can improve their credit and employment options.
7. TsuNAME flaw exposes DNS servers to DDoS attacks
Researchers at SIDN Labs, InternetNZ and the Information Science Institute at the University of Southern California have discovered a vulnerability in some DNS resolvers. The flaw can be exploited by attackers to launch distributed denial-of-service attacks against authoritative DNS servers.
8. 19 petabytes of data exposed across 29,000 unprotected databases
Cybersecurity researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. This makes databases a prime target for malicious actors who are eager to exploit unprotected systems and get their hands on profitable information.
9. Fortnite trial exposing details about the biggest iPhone hack on record
As part of the trial against Epic Games, Apple released emails that show that 128 million users downloaded apps containing malware from the App Store. Apple never disclosed the exact number of victims, but it did say at the time that it would notify them.
10. Qualcomm chip bug opens Android fans to eavesdropping
A vulnerability in a 5G modem data service could allow mobile hackers to remotely target Android users by injecting malicious code into a phone’s modem. This gives them the ability to execute code, access mobile users’ call histories and text messages, and eavesdrop on phone calls.
In this Series
- Cybersecurity Weekly: Ryuk ransomware, U.S. pipeline outage, Chrome privacy update
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
