Sys & Infrast Lifecycle Mngt 1

 

The breach is said to have occurred last year on December 10, 2021, with the downloaded reports including customers’ full names as well as their brokerage account numbers, and in some cases, brokerage portfolio value, brokerage portfolio holdings. It was unclear how many users were affected by the breach, but Block — which said it only recently discovered the incident — said it was contacting about 8.2 million current and former customers as part of its response efforts. While a formal investigation is ongoing, the financial platform also said it has notified law enforcement and “continues to review and strengthen administrative and technical safeguards to protect its customers’ information.” “The company currently does not believe this event will have a material impact on its business, operations or financial performance,” Bullock added.

https://thehackernews.com/2022/04/block-admits-data-breach-involving-cash.html

 

Dan Xu

 

Researchers from the University of London and Catania University have discovered how to weapon Amazon Echo devices for self-attack. To get the device to play a maliciously crafted recording, the attacker needs a smart phone or laptop within Bluetooth pairing range. Unlike Internet-based attacks, this scenario requires proximity to the target device.

 

Once paired, the Bluetooth device can connect and disconnect from the Echo without having to perform the pairing process again. Therefore, the real attack could occur within a few days of pairing. The research prompted Amazon to patch the command self-publishing vulnerability, which was caused by a long period of silence caused by interrupting tags, as demonstrated by the researchers. They also set up systems to continuously monitor for potentially malicious behavior in real time.

Novel Attack Turns Amazon Devices Against Themselves

Dan Xu

This article is about a data breach that happened at Washington Health District. A Health District in the State of Washington has made its second data breach announcement of 2022. On January 24, the district confirmed that personal data may have been compromised when an unauthorized individual compromised an employee’s email account on December 21 2021. An internal investigation concluded that while no documents appeared to have been opened, accessed, or downloaded, the attacker may have ‘previewed’ clients’ protected health information (PHI). The potential disclosure may have affected 1,058 individuals and involved data including names, dates of birth, case numbers, counselor’s names, test results and dates of urinalysis, medication received and date of last dose.

 

https://www.infosecurity-magazine.com/news/washington-health-district-2-data/

South Africa wants to fight SIM swapping with biometric checks (bleepingcomputer.com)

The independent communications authority of South Africa (ICASA) proposed a countermeasure for cell phone providers to prevent simswap attempts: by storing biometric data. SIM swapping is a global issue as it allows access to a customer’s phone number through their SIM card, essentially hijacking their account. ICASA proposes that cell phone providers should store biometric data to help secure SIM cards and account information; however, this comes with a risk to privacy and data misuse.

 

Kenneth Saltisky

4 Russian Government officials were charged in hacking operations that targeted the global energy sector and impacted thousands of company computers across 135 countries from the periods of 2012-2018.  This 7 year operation allowed them access to Energy sector networks from the U.S. and other countries, also involving spear phishing emails, software updates “trojanized”, and redirecting rogue websites to install remote access trojans to compromise systems. 

https://thehackernews.com/2022/03/us-charges-4-russian-govt-employees.html

Christopher Clayton

This article talks about how there is a phishing technique a called browser in the browser (BitB) This attack is able to be exploited to simulate a browser window within the browser to spoof a legitimate domain. It then makes it possible to create a convincing phishing attack. This type of attack takes advantage of 3^rd party single sign on (SSO). Normally, a pop up window will be created to complete the sign on process and the BitB creates a fabrication browser window to replicate the process. By doing this, it becomes undetectable.

https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html

Nearly 34 ransomware variants observed in hundreds of cyberattacks in Q4 2021

 

According to new research published by Intel 471, as many as seven hundred twenty two ransomware attacks were observed in the fourth quarter of 2021, a 22.2% increase in attacks affecting the consumer and industrial products industry compared to the third quarter of 2021, making it one of the top. The most affected industries in the fourth quarter.

 

Of all the recorded LockBit 2.0 attacks, the most affected countries include the United States. The United States, Germany and Italy also reported the majority of Conti infections. The United States remains the country most affected by ransomware attacks.

 

https://thehackernews.com/2022/03/nearly-34-ransomware-variants-observed.html

Trend Micro announced there was a decrease in ransomware and business email compromise (BEC) detections.  It was reported that they blocked 9 million more threats last year than the previous year (2020 – 25.7 million to 2021 – 16.7 million). And even though phishing attempts nearly doubled, a good portion of ransomware and BEC threat exposures were declined, causing a decrease in detections from 2020.  In total, 2021 had a 42% increase in blocked threats from the year before, which showed there is a trend of larger organizations being targeted for more of these attacks.

https://www.infosecurity-magazine.com/news/cloudbased-email-threats-surge-2021/

Christopher Clayton

Intel 471 states that 34 different ransomware variants were found in 722 ransomware attacks in the fourth quarter of 2021. LockBit 2.0, Conti, PYSA, Hive, and Grief emerged as the most prevalent strains, and LockBit 2.0 usage accounted for 29.7% of all reported incidents. The United States, Italy, Germany, France, and Canada are the main attack countries for LockBit 2.0.

ransomware attacks in the fourth quarter,
Consumer and industrial products accounted for 23.7% of all attacks, followed by manufacturing at 15.9% and then is professional services and consulting at 15.4%. Compared to the third quarter, the consumer and industrial products sector rose by 22.2%.

Link: https://thehackernews.com/2022/03/nearly-34-ransomware-variants-observed.html

Yangyuan Lin