The BBC was blasted with over 250,000 malicious email attacks every day in 2020, according to PCR. Data revealed under the Freedom of Information (FOI) Act by the Parliament Street think tank’s cybersecurity team, showed that an average of 283,597 malicious emails were blocked by the organisation every day over the first eight months of this year. On a monthly basis, the data shows that the BBC receives an average of 6,704,188 hostile emails classed as scam or spam. Additionally, an average of 18,662 malware attacks such as viruses, ransomware, and spyware are blocked. Across the period of January 2020 to…
ISBuzz Team
In addition to the news of the sale online of 34 million users’ records from 17 companies, an attack on gold seller JM Bullion has been reported via a notice from the company. Here is a perspective from cybersecurity experts on both of these incidents. More information: Lazada RedMart Statement: https://pages.lazada.sg/wow/i/sg/redmart/redmartdatabasesecurityincident?spm=a2o42.lazmart_channel.0.0.70e948a6uUXEgj&wh_weex=true&scm=1003.4.icms-zebra-100435441-4915234.OTHER_6026139920_6465367 JM Bullion notice Reddit: https://www.reddit.com/r/Gold/comments/jluk70/jm_bullion_security_sensitive_data_breach_just/
The NCSC report shows it uncovered 15,354 campaigns that had used coronavirus themes as a “lure” to fool people into clicking on a link or opening an attachment containing malicious software. However, HPs researchers found that only 5% of the emails they examined used this as a lure – so while this is significant, it is still not a primary tactic. HP’s report found the use of thread jacking was common, where hackers gain access to a user’s inbox and send reply all messages within threads to lure people into clicking on malicious content. Aside from thread-jacking, hackers still favour ‘traditional’…
It’s been reported this morning by ABC Action News that after hackers targeted Florida county election offices in 2016, the state has invested millions of dollars to upgrade election security. I-Team investigator Adam Walser is uncovering where the money went and some of the new security measures counties are using to make sure your vote counts.
On October 27th, the US-CERT published a report summarizing Kimusky’s recent activities and describing the group’s TTPs and infrastructure. Combining the information in the report with the intelligence accumulated by Cybereason Nocturnus over time, the researchers discovered a previously undocumented modular spyware suite dubbed KGH_SPY that provides Kimsuky with stealth capabilities to carry out espionage operations. In addition, Cybereason Nocturnus uncovered another new malware strain dubbed CSPY Downloader that was observed to be a sophisticated tool with extensive anti-analysis and evasion capabilities, allowing the attackers to determine if “the coast is clear” before downloading additional payloads. The full research is available here: https://www.cybereason.com/blog/back-to-the-future-inside-the-kimsuky-kgh-spyware-suite
In the last few years, the MITRE ATT&CK framework has been key to many organisations combatting cyber threats. Essentially the framework is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations of cyberattacks. The objective of the framework is to create a comprehensive list of known adversary tactics and techniques used during a cyberattack. Open to government, education, and commercial businesses, it allows the collection of a wide and exhaustive range of attack stages and sequences. The mapping of the framework data, summarised as threat information, is ultimately one of the main activities that an IT security department will undertake. There are two ways that the data can be used by organisations for threat intelligence; they can be either consumers or producers.…
It has been reported that Lazada, one of the top e-commerce sites in South east Asia has suffered a serious data breach. 1.1 million RedMart accounts was stolen from e-commerce platform Lazada and sold online in a data breach. RedMart is a popular grocery shopping site in Singapore and was acquired by Lazada in 2016 and moved to the Lazada platform in 2019. In addition, reports have surfaced that personal data from 2.8 million Eatigo accounts also stolen and put up for sale online, including 400,000 accounts belonging to users in Singapore. The online restaurant reservation platform said that the information stolen was from more than 18…
The NCSC has shared more than 160 instances of high-risk and critical vulnerabilities with the NHS, sharing 51,000 indicators of compromise (IoCs) with the health service. Evidence suggests that cybercriminals are recalibrating their approach, turning to Ryuk, a particularly malicious form of ransomware, to target hospitals and vaccine developers. Ryuk has been making headlines in the US after crippling various healthcare networks last week. SonicWall’s Q3 Threat Data has identified skyrocketing cases of the Ryuk variant, having seen 67.3 million Ryuk attacks so far this year, up from 5000 in 2019.
A shared user account used by WeWork employees to access printer settings and print jobs had such an incredibly simple password that a customer guessed it, according to TechCrunch. WeWork customers normally have an assigned seven-digit username and a four-digit passcode used for printing documents at WeWork locations. But the username for the account used by WeWork employees was just four-digits: “9999” – and the password was the same as the username. The “9999” account is used by and shared among WeWork community managers, who oversee day-to-day operations at each location, to print documents for visitors who don’t have accounts…
The FBI has warned that US hospital systems are facing ‘imminent’ threat of cyber attacks. In light of this, the ThreatConnect research team has identified several sets of infrastructure associated with ongoing Ryuk activity – the type of ransomware the criminal threat group known as UNC1878 / Wizard Spider has used to target US hospital networks and the proactive measures needed to defend against it.