The Scottish Environment Protection Agency (SEPA) has confirmed that it was hit by a ransomware attack last month and is continuing to feel the impact, according to ZDNet. The cyberattack was carried out on Christmas Eve. The government regulator representing Scotland’s government also confirmed that 1.2GB was stolen in the attack. The attack also affect the operation of SEPA in providing flood forecasting and warning services, as well as regulation and monitoring services. While the organisation itself hasn’t confirmed what form of ransomware it has fallen victim to, Conti ransomware has claimed the attack.
ISBuzz Team
The discovery of multiple backdoors and vulnerabilities in FibreHome routers was announced this week. FibreHome Technologies is a leading equipment vendor and global solution provider in the field of information technology and telecommunications. There was at least 28 backdoor accounts and several other vulnerabilities found in the firmware of a popular FTTH ONT router found in a report published last week.
Following the news that criminals released altered medical documents obtained from the European Medicines Agency breach to undermine trust in the Pfizer vaccine please find a comment below from the CEO on this breach.
After a volatile year where the cyber threat landscape evolved as the COVID-19 pandemic progressed, what lessons can we take from 2020, and how should we adapt to the trends we anticipate in 2021? 2020 was the year that everything changed. A shift to remote working led many organisations to evolve their systems, and as their cyber security postures lagged behind hackers were quick to exploit any weaknesses they could. Where many saw a crisis in the COVID-19 pandemic, hackers saw an opportunity. Cyber-attacks increased at the beginning of UK lockdown in March, and the cybercriminal fraternity claimed several high-profile…
In a report released yesterday [https://www.group-ib.com/media/mammoth-migration/], security firm Group-IB has described a Russian-speaking scam operation that started targeting users of European marketplaces and classifieds. The scheme, dubbed Classiscam, is an automated scam as a service designed to steal money and payment data. Experts have so far identified at least 40 active Classiscam gangs that use scam pages mimicking popular classified, marketplace, and delivery companies with every one of them running a separate Telegram bot.
In a report released this week, security firm Group-IB has described a Russian-speaking scam operation that started targeting users of European marketplaces and classifieds. The scheme, dubbed Classiscam, is an automated scam as a service designed to steal money and payment data. Experts have so far identified at least 40 active Classiscam gangs that use scam pages mimicking popular classified, marketplace, and delivery companies with every one of them running a separate Telegram bot.
Cloud-based email management company Mimecast recently disclosed that a threat actor obtained one of its digital certificates and used it to gain access to some of its clients’ Microsoft 365 accounts.
Microsoft ended 2020 as the brand most frequently targeted by cyber criminals, with 43% of all brand phishing attempts related to the tech giant in Q4, according to IT Pro. This was a 24% increase from the third quarter of the year, which saw 19% of all attempts linked to the tech giant. The attempts are from criminals looking to steal personal information or payment credentials by impersonating well-known brands that are likely to be used by the employee and their organisation. Shipping firm DHL was the second most-spoofed brand for the end of 2020, as criminals sought to take advantage…
It has been reported that Ring has launched a technical preview of video end-to-end encryption to bolster the security of home video feeds. This week, the Amazon-owned smart doorbell maker said the feature is currently being rolled out to customers in order to elicit feedback, and if it proves to be successful, end-to-end video encryption could eventually be offered to users that want to add an “additional layer of security to their videos” as an opt-in feature. “We will continue to innovate and invest in features that empower our neighbors with the ability to easily view, understand, and manage how their videos and information…
It has been reported that the Iranian group APT35 (also known as Charming Kitten or Phosphorus) executed sophisticated spear-phishing campaigns that involved not only email attacks but also SMS messages over the festive season.