Malware

Ransomware Hits Technion Israel Institute of Technology

The previously unknown DarkBit gang appeared only this week, and its location is unknown. However, the attackers gave some indicators about their intentions in the ransom note and on their Telegram and Twitter channels. At first look, DarkBit’s operations appear to be hacktivism because of their opposition to “racism, fascism, and apartheid,” but the group’s goals are more complex. Hackers seek to hold Israel accountable for “war crimes against humanity” and “firing high-skilled experts” while…

Pepsi Bottling Ventures Suffers Data Breach

The company has added more network security measures in reaction to this event, including changing all company passwords and notifying law enforcement. The organization’s routine activities have been paused for all affected systems while an assessment of potentially impacted documents and procedures is ongoing. The recipients of the breach notices are being offered a one-year free-of-charge identity monitoring service through Kroll to help them prevent identity theft that may occur as a result of the…

Hackers attack Israel’s Technion university, demand over $1.7 million in ransom

Israel’s Technion university on Sunday suffered a ransomware attack, which has forced the university to proactively block all communication networks. A new group calling itself DarkBit has claimed responsibility for the attack. “The Technion is under cyberattack. The scope and nature of the attack are under investigation,” Technion, one of Israel’s top universities, wrote in a Tweet. Established in 1912, Haifa-based Technion — otherwise known as the Israel Institute of Technology — has become a global pioneer…

Plan now to avoid a communications failure after a cyberattack

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur,…

Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

It’s common for operational technology (OT) teams to connect industrial control systems (ICS) to remote control and monitoring centers via wireless and cellular solutions that sometimes come with vendor-run, cloud-based management interfaces. These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers. Industrial cybersecurity firm Otorio released a report this…

Indigo Bookstore Website Shuts Down After Cyberattack

It is possible that this attack was the result of info-stealing malware. According to cybersecurity firm Kela, a large amount of data being shared on the Darknet was advertised as login credentials for Indigo that were stolen by info-stealing malware. Such malware looks for sensitive information on the infected system and also collects details about the machine. Threat actors behind the malware can then use stolen information such as credentials to carry out cyberattacks. It…

Attackers Breach Reddit to Steal Source Code and Internal Data

All organizations should provide phishing awareness and defense training to all of their employees/users. A simple defense technique would be adopting a zero-trust attitude toward outside communication. For email, the zero-trust model means not allowing the delivery of messages unless they originate from a sender who can be authenticated and who has been granted explicit permission to deliver messages to that inbox. https://www.bleepingcomputer.com/news/security/hackers-breach-reddit-to-steal-source-code-and-internal-data/

North Korean Ransomware Attacks on Healthcare Fund Government Operations

In this campaign, the North Korean ransomware operators made use of numerous vulnerabilities, tools, and TTPs to accomplish their goals. To best protect against a campaign such as this, it is recommended to provide user education on common phishing tactics, such as trojanized software on typo-squatted domains. Additionally, it is recommended to ensure that all software/hardware is up to date, as the operators made use of numerous vulnerabilities that relied on outdated applications. Further, it…

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Original release date: February 10, 2023

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01:…

Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight. Global concern over cybersecurity has never been higher, with attacks coming fast and furious and…
