The UK government announced its Cyber Security Breaches Survey – which confirmed that two in five UK firms have suffered a cyber-attack in the past 12 months. While this might not come as a surprise, the data further cements just how prevalent cyber-attacks are coming.
ISBuzz Team
Recorded Future is reporting that the PDI group, a major supplier of military equipment to the US Air Force, appears to have fallen victim to a ransomware attack. The group behind the Babuk Locker ransomware has posted samples of the data and is threatening to leak more than 700 GB of data they claim to have stolen from PDI’s internal network in a ransom demand. Experts with SCYTHE and Gurucul offer perspective.
Two new Accellion file sharing server-related hacks have been reported – grades and social security numbers for students at the University of Colorado, and University of Miami Health System patient data have been posted online by the Clop ransomware group.
Researcher Troy Hunt is sharing that UK retailer FatFace has been breached, and contrary to GDPR requirements, was slow to report it. Moreover, it has advised both customers and employees that stolen card data can’t be used illegally because there was only partial data stolen. In an email sent to thousands of customers, they requested customers “keep this email and the information included within it strictly private and confidential.” Gurucul offers perspective.
Two severe vulnerabilities have been patched in Facebook for WordPress Plugin, which has been installed on over 500,000 websites. An attacker exploiting the most severe vulnerability could supply the plugin with PHP objects for malicious purposes, and upload files to a vulnerable website and achieve Remote Code Execution (RCE).
In response to reports that Sierra Wireless, the leading IoT solutions provider, disclosed a ransomware attack that forced it to halt production at all manufacturing sites, experts offer perspective.
Following the NCSC’s warning around targeted ransomware attacks on the UK education sector, experts commented below.
CNA Insurance has undergone a cyberattack that has disrupted their network. The attack was determined on March 21 and CNA has since posted a statement on their website. Excerpt: “On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email.””Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.”
Researchers at WizCase have discovered a massive data leak that belongs to FBS, a Cyprus-based online trading broker used by millions of traders in over 190 countries. The leak includes sensitive personally identifiable information (PII), financial information, government documents, numbers, and even passwords in plaintext form. The data exposure lasted for at least a few days before FBS responded to WizCase’s report and secured the ElasticSearch server that was left open to access by anyone due to a misconfiguration.
Facebook has just announced cyber espionage activity hitting Uyghurs on the platform.