As a new year begins, let’s revisit some cyber-attacks and the lessons to take forward. We share expert comments, vulnerabilities, and attacks that have worried businesses, along with cyber hygiene tips and best practices to keep your confidential data and valuable assets secure from attacks. #cyberthreats #cyberattack
In this article, you will read about recent cyber news:
1. Bleeping Computer (November 27, 2022) 5.4 million Twitter users’ stolen data leaked online — more shared privately
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.
Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug was by threat actors.
Find out more – 5.4 million Twitter users’ stolen data leaked online — more shared privately (bleepingcomputer.com)
2. The Hacker News (November 24, 2022) Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware
QakBot is a banking trojan used to steal financial data and credentials. Companies based in the U.S. have been at the receiving end of an “aggressive” Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks. The Black Basta ransomware gang is using QakBot malware to create an initial point of entry and move laterally within an organization’s network.
Black Basta, which emerged in April 2022, follows the tried-and-tested approach of double extortion to steal sensitive data from targeted companies and use it as leverage to extort cryptocurrency payments by threatening to release stolen information.
Find out more – Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware (thehackernews.com)
3. CyberNews (November 24, 2022) Why individual arrests will not shut down LockBit
Canadian authorities recently arrested Mikhail Vasiliev, a 33-year-old Russian national suspected of having ties with the notorious LockBit ransomware cartel. Vasiliev was no small catch, as Europol believes the Russian national’s ransom demands ranged from €5 to €70 million.
Find out more – Why individual arrests will not shut down LockBit | Cybernews
4. Tech Monitor (November 23, 2022) FBI joins investigation into Continental ransomware attack
The Federal Bureau of Investigation (FBI) has joined the investigation into the #Ransomware attack against manufacturing company Continental, which occurred in August. The attack was carried out by the notorious ransomware gang #Lockbit 3.0 (which the FBI has been pursuing for several years), who stole 40TB of the company’s data and sold it online for $50m.
Find out more – https://techmonitor.ai/technology/cybersecurity/continental-cyberattack-ransomware-lockbit-fbi
5. Cybernews (November 22, 2022) Compromised emails can sometimes lead to bruised faces
Business email compromise, or BEC for short, is the most profitable segment of online fraud. Threat actors take over email accounts to impersonate companies and steal data. According to the Federal Bureau of Investigation (FBI), BEC fraud has accounted for an astounding $43 billion over the last six years. To put it in context, Elon Musk had to create PayPal, Tesla, and SpaceX and take out loans to muster almost the same amount of money to buy the influential social platform Twitter.
Find out more – Compromised emails can sometimes lead to bruised faces | Cybernews
6. CNBC (November 21, 2022) DraftKings says no evidence systems were breached following report of a hack
DraftKings said Monday there is no evidence the online betting platform’s systems were breached following a report that some users were hacked.
An unknown number of users discovered unusual activity associated with their DraftKings account that led to withdrawals from their bank accounts, according to a report by The Action Network and social media posts. Several users described being locked out of their accounts before noticing the drawdowns.
Find out more – DraftKings says no evidence systems were breached following report of a hack (cnbc.com)
7. The Hacker News (November 16, 2022) Researchers Discover Hundreds of Amazon RDS Instances Leaking Users’ Personal Data
Researchers at Mitiga have discovered hundreds of Amazon RDS instances that are exposing personally identifiable information (#PII), providing potential threat actors with everything they need to launch an attack on the individuals affected. The leaked information includes names, email addresses, phone numbers, dates of birth, marital status, car rental information, and even company logins.
Find out more – https://thehackernews.com/2022/11/researchers-discover-hundreds-of-amazon.html
8. CISA (November 16, 2022) The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a cybersecurity advisory (CSA) announcing that APT actors sponsored by the Iranian government compromised a US federal network. The threat actors took advantage of a #Log4Shell vulnerability in an unpatched #VMwareHorizon server to launch the attack, installing #XMRig crypto mining software, compromising credentials, and implanting #Ngrok reverse proxies on several hosts to maintain persistence.
Find out more from Cybersecurity and Infrastructure Security Agency – https://www.cisa.gov/uscert/ncas/alerts/aa22-320a?&web_view=true
9. Tech Radar (November 9, 2022) Small businesses worry about cutting security budgets as economic worries hit hard
A new report from OpenText has found that the majority of #SMBs are increasingly worried about #CyberAttacks and would like to increase their #EndPointSecurity budgets. The report found that the majority of small and medium-sized enterprises are forced to leave themselves vulnerable due to economic uncertainty.
Find out more – https://www.techradar.com/news/small-businesses-worry-about-cutting-security-budgets-as-economic-worries-hit-hard
10. The Hacker News (November 2, 2022) Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories
File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub.
The breach resulted in the access of some API keys used by Dropbox developers as well as “a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors.”
Find out more – https://thehackernews.com/2022/11/dropbox-breach-hackers-unauthorizedly.html
Rainbow Secure offers a Multi-layer graphical Login Authentication Service for your email to protect your business from account takeover attacks. Rainbow Secure also offers Single Sign On with multi-layer graphical security and advanced security protection, which is ideal in today’s world of hybrid work and increased data sharing. Consult the Rainbow Secure Team to save your business from these data breach costs and use that money to grow your business.