A quick summary of what happened this week in the space of cyber security: OrangeTee & Tie fined SGD$37k for data breach that affected over 250,000 customers and staff OrangeTee & Tie, a real estate firm, has been fined SGD$37,000 after the Personal Data Protection Commission (PDPC) found that more than 250,000 customers’ and staff's information has been compromised. Compromised information included: names, bank account numbers, NRIC, passport numbers, property transactions and commission amounts. In PDPC’s written judgment, a fine was imposed as OrangeTee & Tie had failed to put in place “reasonable security arrangements to protect users’ personal data”.These included failure to conduct periodic security reviews and usage of “live” data for development and testing purposes without proper safeguards. Alleged data breach has caused Philippines’ police employee records to be leaked online Cybersecurity researcher, Jeremiah Fowler from VPNmentor, reported on a non-password protected database that contains over 1.2 million records of individuals who were employed or applied to work in law enforcement in the Philippines. Personal information found includes but not limited to, passports, birth certificates, marriage certificates, drivers’ licenses, academic transcripts, security clearance documents. In response, the PNP and DICT have begun investigations into this data breach, while the National Bureau of Investigation has stated after initial investigations this data breach does not involve any of their systems. Furthermore, Senator Ramon ReVilla Jr. has proposed Senate Resolution 573, stating that “data privacy and protection is a matter of national interest” and that it is vital for the Congress of the Philippines to put in place policies to deter future data breaches. For a more in-depth article: click here Optus hit with data breach class-action lawsuit A class action lawsuit has been lodged against Australian Telco, Optus. Law firm Slater and Gorden has lodged the class action on behalf of more than 100,000 current and former customers.The lawsuit claims Optus have breached laws and its own policies by failing to protect users from harm and destroy or de-identify former customer data. They intend to seek compensation on behalf of those current and former customers. The firm also stated that this breach has plausibly put vulnerable customers at risk of domestic violence and other crimes. An Optus spokesperson replied that they would vigorously defend any class action. American Bar Association data breach affected 1.4 million members Hackers have compromised the American Bar Association (ABA) system and gained access to credentials for 1,466,000 members. Network affected were ABA’s pre-2018 website and career center website. Personal information includes account usernames and passwords. ABA had notified members that a hacker was detected upon detecting unusual activity on their network. ABA has recommended members to change their passwords on their site, as well as passwords on other sites that utilize the same credentials. They also advised members to watch for spera-phishing emails that would impersonate the ABA. NCR datacenter struck by ransomware attack. A payment company, NCR datacenter, has suffered a ransomware attack, whereby a data center in Aloha, Hawaii has been breached. This ransomware incident has caused a system outrage. This breach is related to their Aloha restaurant point-of-sale product. Although, the company stated there was “no impact to payment applications or on-premises systems.” This ransomware incident has caused a system outrage. Black Cat, a ransomware group, has claimed the attack, but the post was later taken down. Cybercriminals utilize generative AI to perform more complex phishing attacks. Zscaler has found that in 2022, cyber criminals are using generative AI developments like ChatGPT to perform more complex phishing attacks. As these AI-driven phishing can successfully resemble legitimate messages, this increases the likelihood of victims falling for these scams. There was a nearly 50% increase in phishing attacks compared to 2021. Researchers predict that cybercriminals will use AI tools more regularly, and they are expected to find more sophisticated websites, SMS and email scams. Lockbit ransomware gang found targeting MacOS devices for the first time For the first time, the Lockbit ransomware gang has created encryptors to target Macs. This is likely to become the first huge ransomware operation to specifically target macOS. Although macOS is currently on their radar, their encryptors are not ready to be deployed yet as stated by macOS cybersecurity expert Patrick Wardle. However, it is still important for all computer users to practice good online safety habits. Lockbit representative, LockBitSupp, stated that they are currently actively developing the Mac encryptor. ‘AuKill’ malware kills EDR via Process Explorer driver Sophos X-Ops found a new defense evasion tool which attempts to disable EDR processes called AuKill. The AuKill tool takes advantage of an outdated version of version 16.32 of the Microsoft utility Process Explorer to disable EDR processes. This allows them to deploy ransomware or backdoor on the target system. Since the start of 2023, attackers have used AuKill prior to deploying Medusa Locker and Lockbit ransomwares. Trigona ransomwares targets Microsoft SQL servers AhnLab found threat actors are utilizing Trigona ransomware to target unsecured and internet-exposed Microsoft SQL (MS-SQL) servers. They breach using brute-force or dictionary attacks. Afterwards, they deploy a malware called CLR Shell. Followed by the installation and launching of a dropper malware which they use to launch the Trigona ransomware. The Trigona ransomware gang are behind a stream of attacks, with at least 190 submissions to the ID Ransomware platform since the beginning of 2023. Comments are closed.
|
Archives
June 2024
Categories
All
|
© 2021, TAFA HOLDINGS (S) PTE LTD. ALL RIGHTS RESERVED
|