Cowards Hit Papua New Guinea With Ransomware During Covid-19 Surge

Matt Novak

https://gizmodo.com/cowards-hit-papua-new-guinea-with-ransomware-during-cov-1847953543

Excerpt:

“Papua New Guinea’s government finance office has been hit with a ransomware cyberattack and the hackers are demanding bitcoin, according to Bloomberg News. And while many of the specifics surrounding the attack are still unclear, it’s becoming obvious that hackers won’t just target the wealthiest countries and richest corporations with ransomware anymore.”


Police arrest 150 in joint US-Europe dark web sweep

https://www.france24.com/en/live-news/20211026-police-arrest-150-in-joint-us-europe-dark-web-sweep

Excerpt:

“Police in Europe and the United States announced Tuesday the arrest of 150 people who allegedly bought and sold significant volumes of drugs, weapons and other illegal goods on the dark web.”


Iranian gas stations out of service after distribution network hacked

Ionut Ilascu

https://www.bleepingcomputer.com/news/security/iranian-gas-stations-out-of-service-after-distribution-network-hacked/

Excerpt:

“Gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) have stopped working today due to a cyberattack that affected the entire distribution network.”


Pakistani agents hack Sambalpur University website

WCE 3

https://kalingatv.com/state/pakistani-agents-hacks-sambalpur-university-website/

Excerpt:

“Sambalpur: In a shocking incident, some Pakistani agents reportedly hacked the official website of Sambalpur University in Odisha today.”


Hacker sells the data for millions of Moscow drivers for $800

Bill Toulas

https://www.bleepingcomputer.com/news/security/hacker-sells-the-data-for-millions-of-moscow-drivers-for-800/

Excerpt:

“Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800.”


Gigabyte Allegedly Hit by AvosLocker Ransomware

Lisa Vaas

https://threatpost.com/gigabyte-avoslocker-ransomware-gang/175642/

Excerpt:

“The AvosLocker ransomware gang is claiming that it breached tech giant Gigabyte and has leaked a sample of what it claims are files stolen from the Taiwanese company’s network. It’s offering to sell the rest.”


Aussie cyber spies to control critical infrastructure during ransomware attacks

Inigo Vaca

https://cointelegraph.com/news/aussie-cyber-spies-to-control-critical-infrastructure-during-ransomware-attacks

Excerpt:

“The new bill, if passed, will allow cyberwarfare operatives to take over control of critical infrastructure under attack.”


FBI warns of fake govt sites used to steal financial, personal data

Sergiu Gatlan

https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-govt-sites-used-to-steal-financial-personal-data/

Excerpt:

“The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims.”


Secure your databases against opportunistic attackers

Zeljka Zorz

https://www.helpnetsecurity.com/2021/10/19/secure-databases/

Excerpt:

“If you connect databases / servers to the internet and secure them poorly, you can count on them getting compromised quickly.”


Sinclair confirms ransomware attack after TV station disruptions

Jonathan Greig

https://www.zdnet.com/article/sinclair-confirms-ransomware-attack-after-tv-station-disruptions/

Excerpt:

“Sinclair Broadcast Group -- which controls hundreds of TV stations across the US -- has confirmed a ransomware attack on certain servers and workstations.”


The importance of crisis management in the age of ransomware

Zeljka Zorz

https://www.helpnetsecurity.com/2021/10/18/ransomware-crisis-management/

Excerpt:

“Cybersecurity crises are becoming commonplace. With the massive surge in ransomware attacks in the last few years, businesses can’t afford to ignore the increasing possibility of facing one, and should invest money and effort into crisis management.”


Check your iPhone for compromised passwords... NOW!

Adrian Kingsley-Hughes

https://www.zdnet.com/article/check-your-iphone-for-compromised-passwords-now/

Excerpt:

“Compromised passwords are a fast track to all sorts of online headaches.”


Student using iOS 15's Live Text to steal class notes gets an A+ at life

Jack Morse

https://sea.mashable.com/tech/17898/student-using-ios-15s-live-text-to-steal-class-notes-gets-an-a-at-life

Excerpt:

“A viral TikTok showing a student using iOS 15's Live Text to copy, and digitize, a classmate's notes has renewed interest in the mostly overlooked feature. Live Text allows iPhone users with an iPhone XS or newer (and the latest operating system) to take a photo of text, highlight that text, and then copy and paste it.”


When It Comes to Cybercrime Beware of Social Engineers

Luis Monzon

https://www.itnewsafrica.com/2021/10/when-it-comes-to-cybercrime-beware-of-social-engineers/

Excerpt:

“You would be forgiven for thinking that terms like phishing, vishing, whaling, and pharming all had something to do with either a water sport or a pharmaceutical company, but every one of these is a cybercrime attack.”


Human hacking increased as apps and browsers moved completely to the cloud

https://www.helpnetsecurity.com/2021/10/15/human-hacking-increased/

Excerpt:

“Human hacking – phishing attacks across all digital channels – has dramatically increased in 2021. SlashNext released its first report showing a 51% increase in attacks compared to 2020, and increasingly these attacks are happening outside of email.”


MyKings botnet operators already amassed at least $24 million

Pierluigi Paganini

https://securityaffairs.co/wordpress/123312/malware/mykings-botnet-still-alive.html

Excerpt:

“Avast Threat Labs researchers reported that the MyKings botnet (aka Smominru or DarkCloud) is still alive and is allowing its operators to earn huge amounts of money via cryptomining activities. Avast researchers reported that since 2019, MyKings operators have amassed at least $24 million in the Bitcoin, Ethereum, and Dogecoin. However, experts pointed out that the botnet uses more than 20 cryptocurrencies in total, for this reason the total financial gains could be greater than $24M.”


Cybersecurity shortcomings exposed by the pandemic

https://www.helpnetsecurity.com/2021/10/13/cybersecurity-shortcomings/

Excerpt:

“SecureAge announced the release of its study which polled 200 employers and 400 employees from around the UK business world during Q3 2021, and examined key cybersecurity topics and trends.”


Olympus suffers second cyberattack in 2021

Jonathan Greig

https://www.zdnet.com/article/olympus-announces-second-cyberattack-in-2021/

Excerpt:

“On Tuesday, Japanese tech manufacturer Olympus said that it was investigating a cyberattack on its IT systems in the US, Canada, and Latin America.”


Ukraine Police Cuff Botnet Herder Who Controlled 100K Machines

Phil Muncaster

https://www.infosecurity-magazine.com/news/ukrainian-police-cuff-botnet-100k/

Excerpt:

“Ukrainian law enforcers have arrested a suspected botnet herder responsible for controlling an automated network of around 100,000 compromised machines to launch DDoS and other attacks.”


Banking Insider Accused of Role in $1m BEC Scheme

Phil Muncaster

https://www.infosecurity-magazine.com/news/banking-insider-accused-role-bec/

Excerpt:

“Three men including one former bank employee have been indicted by a federal grand jury for their alleged role in a business email compromise (BEC) conspiracy.”


Google notifies 14,000 Gmail users of targeted APT28 attacks

Catalin Cimpanu

https://therecord.media/google-notifies-14000-gmail-users-of-targeted-apt28-attacks/

Excerpt:

“Google has sent email notifications to more than 14,000 Gmail users that they’ve been the target of a spear-phishing attack orchestrated by a state-sponsored hacking group.”


Twitch source code leaked by anonymous hacker

Ed Nightingale

https://www.eurogamer.net/articles/2021-10-06-twitch-source-code-leaked-by-anonymous-hacker

Excerpt:

“Twitch has finally acknowledged this morning's reports of a security breach and has said it is now investigating further.”


Large ransom demands and password-guessing attacks escalate

https://www.helpnetsecurity.com/2021/10/05/large-ransom-demands/

Excerpt:

“ESET released a report that summarizes key statistics from its detection systems and highlights notable examples of its cybersecurity research.”


Yet again, Cream Finance skimmed by crooks: $130m in crypto assets stolen

Thomas Claburn

https://www.theregister.com/2021/10/28/cream_ethereum_theft/

Excerpt:

“Decentralized finance biz Cream Finance became further decentralized on Wednesday with the theft of $130m worth of crypto assets from its Ethereum lending protocol.”


Ransomware Hackers Who Attacked Over 100 Companies Arrested in Ukraine

Ravie Lakshmanan

https://thehackernews.com/2021/10/ransomware-hackers-who-attacked-over.html

Excerpt:

“Law enforcement agencies have announced the arrest of two "prolific ransomware operators" in Ukraine who allegedly conducted a string of targeted attacks against large industrial entities in Europe and North America since at least April 2020, marking the latest step in combating ransomware incidents.”


Coinbase sends out breach notification letters after 6,000 accounts had cryptocurrency stolen

Jonathan Greig

https://www.zdnet.com/article/coinbase-sends-out-breach-notification-letters-after-6000-accounts-had-funds-stolen/

Excerpt:

“Coinbase is sending out breach notification letters to thousands of users after they discovered a "third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform."


Britain to set up new cyber centre, threatens retaliation if attacked | #cybersecurity | #cyberattack

https://nationalcybersecuritynews.today/britain-to-set-up-new-cyber-centre-threatens-retaliation-if-attacked-cybersecurity-cyberattack/

Excerpt:

” Britain will launch cyber attacks in response to similar actions by so-called “hostile states” like Russia, the country’s Defence Secretary says.”


Today’s cars are mobile data centers, and that data needs to be protected

Richard Searle

https://www.helpnetsecurity.com/2021/10/01/cars-mobile-data-centers/

Excerpt:

“In a recent report, AlixPartners estimate that the global microchip shortage will cost car manufacturers $110 billion dollars in 2021, through the lost production of around 3.9 million vehicles. The impact of this supply chain issue demonstrates how vital microelectronics and computational power have become within the context of modern vehicle design.”