The advent of newer technologies is a boon for us all, but it also often gives cyber adversaries the upper hand, as they too get to improve their skill sets and launch all sorts of cyberattacks worldwide. That is why it is crucial to stay abreast of the latest cyber updates, such as those given below, which can help professionals and regular consumers of technology alike mitigate these cyber threats in the future.
Mount Locker Group Leaks 18Gb Worth Of Gunnebo AB Information
In August 2020, the servers of Sweden’s leading cybersecurity company, Gunnebo AB, were compromised. Hackers released information regarding the firm on the dark web. Nearly 38,000 files were also uploaded to public servers. The Mount Locker group, which was responsible for the cyberattack, demanded bitcoins as a ransom for not releasing the stolen data, but the company decided to report the incident to the Swedish Security Service.
The stolen data includes details such as bank vault drawings, ATM security functions, and monitoring and alarm systems. Worst of all, confidential drawings from the Swedish Tax Agency were also compromised.
Aetna Agrees To A Settlement After A Data Breach That Violated HIPAA Rules
Aetna Life Insurance Company in the US agreed to pay $1 million to the US Department of Health and Human Services for its 2017 data breach, which exposed the data of nearly 5002 individuals, consisting of names, insurance-related data, and PHI (Protected Health Information). Furthermore, approximately 11,000 people were affected by the second breach in July 2017, which compromised medical details, and in September 2017, nearly 1,600 user details were further compromised.
In addition to human errors, the company failed to periodically evaluate PHI, which made the cyber intrusion easier for malicious actors. Moreover, the business could not implement the necessary technical, administrative, and physical cybersecurity measures to ensure PHI privacy.
CyberNews Uncovered 39 Scam Sites Related To PayPal-UPS Scam
On April 1, 2020, Isabelle Taylor fell victim to gardenoflifego.com, an e-commerce-based nutrition company that sold products at a huge discount but provided its users with fake or already-delivered product tracking identifiers and stole money from their PayPal accounts. Although she complained to PayPal, no action was taken against the entity, nor were there any refunds.
When CyberNews contacted PayPal about the case, the victim got a goodwill refund. 37 similar scam websites linked to the domain from which Garden of Life operated were also discovered. Even though the website has now been removed, CyberNews further found 17 other sites linked to a scam email ID, firstname.lastname@example.org, and other email security services, and altogether, 39 websites were uncovered.
Russian-Based APT Turla Hacked Into Undisclosed European Governmental Systems
According to Accenture Cyber Threat Intelligence (ACTI), APT Turla, a notorious Russian-based hacker group, compromised European governmental systems using RPC (Remote Procedure Call) based backdoors and RATs (Remote Administration Trojans). The Turla APT group has been active since 2007. It is notorious for attacking diplomats, private businesses, and governmental institutions in the Middle East, North and South America, Soviet unions, Europe, and Asia. The group has previously attacked Swiss defense wing RUAG, US Central Command, and the US Department of State as well.
ACTI has identified that Turla has used Command and Control (C&C) executions for each cyberattack and also that the group relied on bot-compromised web servers. Moreover, Turla APT has used a Carbon installer with encrypted configuration files, two communication modules, and a Carbon Orchestrator.
Canadian Home Depot Users Receive Hundreds Of Suspicious Notifications
On October 28, 2020, Home Depot customers in Canada started receiving hundreds of order-related and shipment-related emails from the company. The order details specified in the emails were not linked to the receiver. Customers have received hundreds of such emails containing order details, customer names, addresses, partial card information, order numbers, and order items.
The emails contained orders from October 24th and 25th for in-store pickups, and these emails were generated as reminders for pickups. Since each email can have up to 544 email accounts in the To address field, many users received the same email at the same instant. Also, the Reply-To section contained multiple emails along with the Home Depot email ID, and replies thus flooded users’ mailboxes.
Researchers Found Vulnerability In Hormann Devices
Researchers at SEC Consult, an Austria-based cybersecurity firm, found nearly 15 vulnerabilities in the gateway device and mobile application of Hormann, a German company that manufactures industrial and home doors. The vulnerabilities, especially poor communication protocols and less secure encryption techniques, can be exploited remotely using a local network or through the internet and can even break email security.
Remote malicious actors can use client certificates and private keys to tamper with the door-opening hardware over the internet and use the key to connect to the vendor’s server. They can then upload scripts to the server, which will switch the target node’s identity with the attacker’s system, because Hormann devices fail to ensure the validity of certificates.
And that’s the week that was.