Data Breaches

Dark Pink APT group linked to new KamiKakaBot attacks in Southeast Asia

The recently identified Dark Pink advanced persistent threat (APT) group is likely behind a fresh set of KamiKakaBot malware attacks on ASEAN governments and military entities, according to Netherlands-based cybersecurity company EclecticIQ. The attacks, which took place in February, were “almost identical” to those reported by Singapore-based global cybersecurity firm Group-IB on January 11, ElectricIQ said. Multiple overlapping techniques used in the campaigns helped EclecticIQ analysts attribute the recent attacks as likely to be the…

Read More

Blackbaud penalized $3M for not disclosing the full scope of ransomware attack

Software firm Blackbaud has agreed to pay a $3 million penalty for failing to disclose the full scope of the ransomware attack it suffered in 2020, according to the US Securities and Exchange Commission (SEC). South Carolina headquartered Blackbaud provides donor relationship management software to various non-profit organizations, including charities, higher education institutions, K-12 schools, healthcare organizations, religious organizations, and cultural organizations. The company detected unauthorized access to its systems on May 14, 2020, which…

Read More

6 reasons why your anti-phishing strategy isn’t working

Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on. “Bad actors are highly motivated and funded with the sole attempt to be successful at attracting only one victim,” says Johanna Baum, CEO and founder of Strategic Security Solutions Consulting.…

Read More

New variant of the IceFire ransomware targets Linux enterprise systems

A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM’s Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company  Sentinel One. The exploit is for CVE-2022-47986, a recently patched Aspera Faspex vulnerability. Known up to now to target only Windows systems, the IceFire malware detected by SentinelLabs uses an iFire extension, consistent with a February report from MalwareHunterTeam — a group of independent cybersecurity researchers analyzing…

Read More

What are DDoS attacks?

Distributed denial of service attacks, or DDoS attacks, see malicious actors attempt to disrupt a site by overwhelming its infrastructure with a large amount of internet traffic. As DDoS attacks overwhelm a site’s bandwidth, this prevents users from accessing it.  Here, Cyber Security Hub explores why malicious actors launch DDoS attacks, who they usually target and some key examples of these disruptive attacks.  Contents  Why do malicious actors launch DDoS attacks? How big was the…

Read More

AT&T informs 9M customers about data breach

AT&T is informing customers about a data breach at a vendor’s system that allowed threat actors to gain access to AT&T’s Customer Proprietary Network Information (CPNI). The incident came to light after customers posted the email communication from AT&T on community forums to know if it was legitimate or email fraud. “We recently determined that an unauthorized person breached a vendor’s system and gained access to your ‘Customer Proprietary Network Information’ (CPNI),” AT&T said in…

Read More

CISA funding to top $3 billion under Biden’s FY 2024 budget

President Biden released his FY 2024 budget proposal that seeks a bigger budget for the Cybersecurity and Infrastructure Security Agency (CISA) and greater cyber investigative capabilities for the FBI. The budget also calls for increasing the federal government’s IT modernization efforts, exploring cybersecurity efforts surrounding gender-based cybercrimes, expanding efforts to counter China’s problematic behaviors, and helping Ukraine better defend itself on the digital front. “The Budget continues to invest in cybersecurity programs recognizing that cybersecurity…

Read More

Attacks on SonicWall appliances linked to Chinese campaign: Mandiant

A persistent malware targeting unpatched SonicWall Secure Mobile Access (SMA) appliances has been linked to a Chinese campaign dating back to 2021, according to a Mandiant research done in partnership with SonicWall’s in-house research team. The responsible malware, dubbed UNC4540, has been found to be stealing user credentials, providing shell access, and persisting through firmware upgrades. “This is not a new vulnerability, so a patch was not published,” a Mandiant spokesperson said. “The findings are…

Read More

Stolen credentials increasingly empower the cybercrime underground

The cybercrime underground has long functioned as an open market where sellers of products and services are paired with buyers and contractors. One of the most valuable commodities on this market are stolen credentials since they can provide attackers with access into networks, databases, and other assets owned by organizations. It’s no surprise to see cybercriminals focused on this valuable commodity. “Last year, 4,518 data breaches were reported,” researchers from Flashpoint said in a new…

Read More

New Chinese regulatory body expected to streamline data governance rules

A new data regulation body that China is reportedly set to create is expected to clarify and establish new data sovereigny rules for multinational companies and accelerate tech-based initatives such as public administration services built on anonymized citizen data. The new governent body will streamline data governance policies in the country, amid increasing confusion from businesses that deal with multiple bodies presiding over different aspects of data governance within the country’s borders, according to a…

Read More