Round Up of Major Breaches and Scams
More than 85,000 SQL databases are currently on sale on a dark web portal for a price of only $550/database. The portal, brought to ZDNet’s attention earlier today by a security researcher, is part of a database ransom scheme that has been going on since the start of 2020. Hackers have been breaking into SQL databases, downloading tables, deleting the originals, and leaving ransom notes behind, telling server owners to contact the attackers to get their data back.
The October cyberattack cost the University of Vermont Medical Center $1.5 million a day in increased expenses and lost revenue, hospital president Stephen Leffler said Tuesday. That “back of the envelope” calculation doesn’t include the cost of getting the system back up and running, he told reporters. Forty-two days have elapsed since the attack occurred on Oct. 28. The total cost, including lost revenue and expenses, could exceed $63 million.
A Russian citizen living in Denmark has been charged with espionage for allegedly having provided information about Danish energy technology, among other things, to an unnamed Russian intelligence service, the Danish prosecution authority said Wednesday. The suspect, who was not identified, has been held in pre-trial custody since the beginning of July, Denmark’s Prosecution Authority said.
The European Medicines Agency, which is currently helping to roll out two coronavirus vaccines, has been hit by hackers, the agency announced Wednesday. Attackers successfully accessed “some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate” that were stored on a European Medicines Agency (EMA) server, according to a statement BioNTech released on its investors’ website.
An Arabic-speaking hacking group that’s used phishing emails laden with sensational headlines focused on the Middle East to spy on government officials is leveraging recent diplomatic activity to conduct espionage. Operatives with the group, known as MoleRATs, used mainstream technology services like Facebook and Dropbox to obscure their malicious activity and exfiltrate data, according to Cybereason, the security company that published details on the activity on Wednesday.
Round Up of Major Malware and Ransomware Incidents
The U.S. Department of Justice on Wednesday announced that an unnamed defendant has pleaded guilty in connection with a cyberattack that rocked the internet in 2016. The October 2016 distributed denial-of-service attack affected Dyn, an internet infrastructure company, before rippling out to cause outages for sites including Twitter, Netflix, Spotify, Airbnb and Reddit, among others. DDoS attacks typically occur when attackers access a network of hacked computers, then direct those connections to a single point on the web.
Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike’s analysis of about 200 incidents. Ransomware attacks made up the majority of serious cyber intrusions this year, accounting for 51% of all incidents investigated by CrowdStrike in 2020, according to the company’s yearly incident-analysis report.
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group’s latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan.
Cybercriminals are leveraging the recent rollout of the COVID-19 vaccines globally in various cyberattacks – from stealing email passwords to distributing the Zebrocy malware. Cybercriminals are tapping into the impending rollout of COVID-19 vaccines with everything from simple phishing scams all the way up to sophisticated Zebrocy malware campaigns. Security researchers with KnowBe4 said that the recent slew of vaccine-related cyberattacks leverage the widespread media attention around the development and distribution of COVID-19 vaccines.
Round Up of Major Vulnerabilities and Patches
Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020. A couple of vulnerabilities that a security researcher from China-based Singular Security Lab disclosed at this week’s Black Hat Europe 2020 virtual event have highlighted once again why it’s dangerous for organizations to underestimate the threat from old, overlooked bugs in commonly used software products.
As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart. 2020 is shaping up to be a banner year for software vulnerabilities, leaving security professionals drowning in a veritable sea of patching, reporting and looming attacks, many of which they can’t even see. A trio of recent reports tracking software vulnerabilities over the past year underscore the challenges of patch management and keeping attacks at bay.