It has been announced that Colonial Pipeline reportedly paid the ransomware group responsible for a cyberattack last week close to $5 million to decrypt locked systems. On Thursday, Bloomberg reported that two people close to the matter said a blackmail demand was agreed to within hours of the cyberattack that has impacted the fuel giant’s systems for close to a week.
ISBuzz Team
Later today Foreign Secretary, Dominic Raab, will alert the Cyber UK conference that 80 British schools and universities were hit by ransomware attacks in March, forcing them to delay reopening. Raab will outline how hackers from hostile states and criminal gangs undermine the foundations of society and democracy, as cyberattacks pose a real risk to national and individual security. The real shock is how late the UK Government is sharing what the CyberSecurity community has known for some time. According to the latest in-depth research from the global cybersecurity giant, SonicWall, 2020 was the year when cyber risks reached an all-time high. Global…
Cybersecurity researcher Jeremiah Fowler with Security Discovery reports the discovery of an internet-accessible database containing nearly 200,000 records of US vets containing sensitive data. The report notes “Upon further investigation of the data there were many references to a Jacksonville, North Carolina based company called United Valor Solutions. The records contained patient, physician, employee data, some contact information and diagnostic data, and other potentially sensitive information that should have not been publicly exposed. According to their website: United Valor Solutions provides disability evaluation services for the Veterans Administration and other federal and state agencies.
Verizon has released its Data Breach Investigation Report (DBiR) for year 2021. With 29,207 quality incidents analysed, of which 5,258 were confirmed breaches, the DBiR provides a comprehensive snapshot of the state of cybersecurity globally. Among the key stats were an 11% increase in phishing attacks, a 6% increase in ransomware, and the finding that a staggering 85% of breaches involved a human element.
While it may be inevitable for an organisation to control each and every aspect of the IT systems, a regular backup of all the important files would serve the purpose of not losing valuable data when mishaps happen. To note, Darkside encrypts or deletes backed-up data as well, so companies might also need to consider improving on security posture for the backup systems involved. Email etiquette and essential security training to employees can help contain security incidents. Additionally, email screening can help identify threats before it reaches employees. Running EDR and deploying ZTNA on all endpoints and configuring ZTNA policy…
As reported by Pocketnow, an IT security researcher, who goes by the username stacksmashing on Twitter, managed to get control over Apple’s AirTag object trackers’ microcontroller and modified the underlying software that works when Lost Mode is activated. The hacker then managed to replace the default URL that Apple baked into the AirTag software with his own personal website. The jailbreak raises questions over the potential ability of malicious hackers to bypass the anti-stalking measures Apple has put in place, and use the AirTags for secretly tracking someone. In a recent investigation by The Washington Post, it was discovered that there are several shortcomings in the anti-stalking toolkit of AirTags and…
Multiple outlets are reporting (link to Guardian story) that the Babuk ransomware gang holding Washington DC Police Dept. data – including personnel records – has said it will release that data unless the department increases the price it is willing to pay. The Department had offered $100,000 US.
BACKGROUND: As reported by Verdict, the UK government has a “strong position” against paying ransomware gangs’ demands, Home Secretary Priti Patel has said. “Paying a ransom in response to ransomware does not guarantee a successful outcome,” said Patel. “It will not protect networks from future attacks, nor will it prevent the possibility of future data leaks. In fact, paying a ransom is likely to encourage criminality to continue to use this approach.”
BACKGROUND: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory on ransomware, in response to the DarkSide, the variant used in the recent attack on Colonial Pipeline.
Security researchers with Cleafy on Monday disclosed a new Android trojan that hijacks users’ credentials and SMS messages to facilitate fraudulent activities against banks in Spain, Germany, Italy, Belgium, and the Netherlands. TeaBot, once successfully installed in the victim’s device, can obtain live streaming of the device screen and also interact with it via Accessibility Services. An expert with Blue Hexagon offers perspective.