This week’s major cyber news headlines reflect the cybersecurity warnings being circulated ahead of the Christmas holidays and a host of other significant updates. Here are the most important of those security updates.
Imperva Reports a Surge in Web Application Attacks
Renowned security vendor Imperva recently released a cybersecurity analysis report highlighting that there have been over 4.7 million web application attacks since October 2019. Imperva's findings reveal that web-app attacks are increasing by 22% every quarter. Data breaches in the UK have risen significantly as a result of the growing attacks on businesses (an increase of 250% between October 2019 and the present day).
Imperva notes that the use of remote file inclusion (RFI) and remote code execution (RCE) attacks to hijack websites and steal information has increased by 271%. The larger attack surface is suspected to result from the rush among businesses to upgrade their digital setup and shift to newer technologies like cloud computing.
To ensure ransomware protection in times when attacks on web applications are rapidly increasing, organizations must implement robust mitigation measures. They must adopt web security solutions that match their requirements and develop effective web application firewalls, bot management solutions, etc.
AscendEX to Reimburse $77.7 Million to Customers After Breach
Singaporean crypto platform AscendEX (formerly known as Bitmax) suffered a cyberattack on 11th December, and its customers lost around $77.7 million to this attack. Apart from beginning a quick investigation and service restoration drive, AscendEX has pledged to reimburse the entire amount to all affected customers. This move comes because of the platform's strong belief in staying true to its community and users.
As AscendEX resumes withdrawals, Ethereum will be the first chain on which users can withdraw coins/tokens. It is estimated that the $77.7 million was stolen from three chains: $60 million from Ethereum, $9.2 million from Binance Smart Chain, and $8.5 million from Polygon. Attackers made a large number of transfers from AscendEX's hot wallets, and seeing so many transfer requests simultaneously made the organization look for suspicious activities.
As part of its cybersecurity measures, AscendEX transferred all remaining funds to its cold wallets, which remained unaffected by the attack. It further hired external blockchain analytics organizations to investigate the breach and informed law enforcement. AscendEX also brought other crypto exchanges into the loop so that they, too, could blacklist the compromised wallets.
NCSC Warns Customers to Beware of Online Shopping Scams This Christmas
The weekend before Christmas is hectic as people look for last-minute shopping options and often get conned by malicious actors. With Christmas just a week away, the National Cyber Security Centre (NCSC) has released a warning notice reminding people to stay aware and take the necessary email security and other security measures. People are advised to check the amount of information they feed into e-commerce sites and check out as guests (without creating accounts) if possible.
UK Finance reported that around £22bn was spent by citizens on online shopping during Christmas last year. With 2021 being another year where pandemic restrictions make offline shopping difficult for many, authorities expect a similar (if not greater) threat factor targeting online consumers. The NCSC warns that attackers can target consumers via any vector – fake shipping notifications, phishing emails, fake warnings about compromised accounts, fraudulent gift cards, etc.
Remember that 'too good to be true' offers that pop up in your DMs or feed, especially during this time of the year, are probably cyber adversaries trying to get information and money out of you. The NCSC website mentions a range of cybersecurity measures that consumers can adopt to keep themselves safe from attacks. These include using strong passwords, verifying the authenticity of an organization/website found online, enabling 2FA and MFA, etc.
Google Hosts Android App Hacking Workshops with PayPal and HackerOne
Google constantly releases patches to fix vulnerabilities in its Google Play ecosystem. However, an often-overlooked fact is that external security researchers play a significant role in Google's proactive approach to cybersecurity. There is an active community of cybersecurity researchers who aspire to create a safe community, and Google collaborates with these third-party researchers to fix thousands of bugs in its Android applications.
In exchange for notifying Google of flaws in its applications, security researchers receive bug bounty rewards and recognition. To take this culture a step further, Google has collaborated with several industry partners like PayPal and HackerOne to host a series of Android App Hacking Workshops. The idea is to expand this community of white-hat hackers and cybersecurity experts by training them to find Android app vulnerabilities.
These workshops have been fruitful in the past and led to budding researchers identifying bugs in applications. This particular workshop comes with rich resources like the source code of a custom-built Android application and enough guidance for learners to fall back upon in their learning journeys. The workshop is ideal for both researchers and beginners with some experience.
Ukraine Police Arrest Cybercrime Group of 51 Members
Ukraine's police force recently arrested a cybercrime group of 51 members on charges of selling data belonging to more than 300 million Europeans, Americans, and Ukrainians. In addition to arresting the 51 accused in the operation called DATA, the police also shut down a renowned website facilitating the selling and buying of personal information. Operation DATA was a massive success, as the Ukrainian police force was able to take 90,000 GB of data off the internet after extensive research involving over 177 searches.
The police were also able to seize 100 databases in the group's possession. These databases contained citizens' banking and legal information, authorization emails, social networking profiles, contact numbers, vehicle registration numbers, etc. Since attacker groups like these are common in today's world, it is advised to use cybersecurity tools like password managers to protect personal information from being accessed by adversaries.
Twitter Account of Indian Prime Minister Hacked
Hacking the Twitter accounts of renowned figures has become a trend among threat actor communities. This time around, an unidentified cyber-adversary has compromised the Twitter account of the Indian Prime Minister, Narendra Modi (@narendramodi). While the account was secured shortly after the breach was detected, the attacker posted a tweet in the interim saying that the Indian government had finally recognized Bitcoin as official legal tender.
The tweet further informed the 73 million followers of Modi that the Indian government had purchased 500 BTC, which it planned to distribute among the citizens. Cybersecurity experts in India are investigating the breach and have reached out to Twitter, which confirmed that there had been no suspicious activity in any of its networks.
The fake tweet was eventually taken down, and the Prime Minister's office clarified in another tweet that Modi's account was hacked and all tweets posted in that brief period should be ignored.