BACKGROUND: According to media reports, Tesco has been the victim of a hacking attempt.
ISBuzz Team
BACKGROUND: Twitter has suspended a hacker who allegedly stole all of the data from Argentina’s database holding the IDs and information of all 45 million citizens of the country. A threat actor using the handle @aniballeaks said they managed to hack into Argentina’s National Registry of Persons — also known as RENAPER or Registro Nacional de las Personas — and was offering to sell the data on a cybercriminal forum.
BACKGROUND: The ransomware group TA505 is trailblazing with mass-volume email attacks on financial institutions using retooled malware and exotic scripting languages. The cybercrime group is targeting financial enterprises with an email phishing campaign where victims are directed to a fake website that is made to look legitimate through which an excel file is downloaded which contains a macro file. It’s this file that then downloads an MSI file that eventually executes the MirrorBlast malware onto the device.
BACKGROUND: Sydney based Financial Review is reporting Coalition moves to boost critical infrastructure security. The Australian government plans to give their security agencies the power to intervene in the case of a cyber-attack on essential services. The bill would direct the Australian Signals Directorate (ASD) to take over control of a business’s cyber defenses during a cyber-attack as a “last resort”. Though based on the premise that most ordinary businesses are not able to bring sophisticated defensive resources to bear on a such an attack, critics see a serious problem with allowing the government to take on this responsibility. As…
BACKGROUND: Gartner Analysts released their list of cybersecurity and privacy predictions for the next few years, floating a number of potential ideas about how the world will respond to certain problems over the next decade. Security will begin to play a bigger role in public policy as well by 2025, with Gartner expecting at least 30% of the world’s nations to pass some form of legislation around ransomware. Gartner also expects more regulation centered around ransomware payments as well as fines and negotiations. Cybersecurity will even become a priority for boards, with Gartner adding that by 2025, 40% of boards…
BACKGROUND: Newark, N.J.-based University Hospital has notified thousands of patients that their protected health information was exposed by a former employee. An interesting aspect of this breach is that it was information of “certain patients treated in the emergency department at UH following motor vehicle accidents between 2016 and 2017.”
BACKGROUND: Cost Of Scams On Wellbeing Calculated As £9bn A Year, ExpeA study by Which? has found that the impact of scams on victims’ wellbeing far outweighs the financial impact. The average cost to wellbeing per victim amounts to over £2,500, compared to an average financial impact of £600.
BACKGROUND: Sinclair TV just confirmed a widespread data breach of their networks that took down many of their tv channels on Sunday and still continues as of 12pm EST. At first calling it a “technical issue”, stations across their networks resorted to posting news on Facebook, telling viewers they had lost access to their normal news services. Security Experts are commented below.
BACKGROUND: The NSA is warning organizations to avoid using wildcard digital encryption certificates in order to minimize the risk from a new form of TLS traffic decryption attacks, dubbed “ALPACA.”This attack, discovered in June, allows threat actors to confuse machine identities that run multiple protocols and trick servers to respond to encrypted HTTPS requests through unencrypted protocols. These unencrypted responses offer a means for cybercriminals to steal cookies and private user data.
BACKGROUND: 451 Research released new findings titled “Modern Clouds Need a Novel Security Approach”, highlighting the challenges with fast-moving and increasing cloud security adoption and how to address them. Key findings include: Cloud remains a significant gap for InfoSecSecurity teams are looking to catch up in cloud expertiseNewer cloud security work is collaborativeNewer cloud deployment environments are increasingly automatedCentralized teams feel the brunt of multi-cloud and multi-platform 451 Research regularly reaches out to key IT stakeholders to research, among other things, different quantitative and qualitative aspects of their security programs. 451 Research found that having adequate knowledge of cloud platform…