The target: Freepik, a website providing high quality free photos and graphic design.
The take: 8.3 million records of personally identifiable information including: emails, usernames, and passwords.
The attack vector: An SQL injection was used to breach Freepik’s systems and allowed attackers to dump their user information. Attacks of this nature take advantage of poor controls in text input fields to send malicious instructions to the target database.
Any field where a user can submit text in web applications should be sanitized as a secure coding best practice to ensure these kinds of malicious commands cannot be submitted.
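The difference between pasting input into a query and passing it as a parameter, shown as an added example (not code from Freepik or from the original page). The table, names and input strings are constructed, and parameterized queries are used here as the standard way to get the input handling the paragraph calls for.

```python
import sqlite3

def make_db():
    """Build a small in-memory users table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, email TEXT, pw_hash TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "alice@example.test", "hash-a"),
         ("bob", "bob@example.test", "hash-b"),
         ("carol", "carol@example.test", "hash-c")],
    )
    return db

def lookup_vulnerable(db, username):
    # BAD: the input becomes part of the SQL text, so quote characters
    # in it can change the structure of the query.
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, username):
    # GOOD: the value is bound separately from the SQL text and is only
    # ever compared as data, whatever characters it contains.
    sql = "SELECT username, email FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

def compare(db, username):
    """Return (rows from the vulnerable lookup or 'error', rows from the safe lookup)."""
    try:
        unsafe = len(lookup_vulnerable(db, username))
    except sqlite3.Error:
        unsafe = "error"
    return unsafe, len(lookup_parameterized(db, username))

if __name__ == "__main__":
    db = make_db()
    # An ordinary name, a classic tautology string, and a legitimate
    # name that happens to contain an apostrophe.
    for value in ("alice", "x' OR '1'='1", "o'brien"):
        print(repr(value), compare(db, value))
```

The concatenated query returns every row for the tautology string and fails outright on a legitimate apostrophe, while the parameterized query treats both as plain values.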
CNN: New Zealand has ordered one of its spy agencies to investigate a cyberattack that originated overseas and disrupted the country's financial markets for a fourth consecutive day on Friday.
BBC: As the official in charge of defending the UK against cyber-threats, he knew enough to spot a scam. But it was also a sign he was unlikely to have a quiet end to his time as the first head of the National Cyber Security Centre (NCSC).
DARKReading: When the COVID-19 pandemic began, every CISO across every industry scrambled to get their teams up and running. When we left our physical office space, we left our traditional security strategy behind with it. The theme of remote security has stayed top of mind since March: Cybersecurity experts correctly predicted that cybercrime in a virtual workforce would be a central topic at the recent Black Hat conference, and CISOs have had to rethink 2020 strategy with remote work leading the way.
ZDNet: Caught by the sudden onslaught of COVID-19, most businesses lack or have inadequate security systems in place to support remote work and now have to deal with a new reality that includes a much wider attack surface and less secured user devices. Many also have had to adapt and adopt digital tools quickly, taking on new technology that may not be adequately secured.
FStech: A survey of 1,077 IT business and security decision-makers from the UK and eight other countries, for IT automation and security company Infoblox, found that attempted cyber attacks had risen by 41 per cent as cyber criminals sought to exploit Coronavirus-related disruption.
IT World Canada: Brookfield Residential Properties, a wholly-owned division of Brookfield Asset Management (BAM), which owns or invests in $540 billion in real estate, energy and infrastructure companies in 30 countries, said late Monday that it was victimized by an unspecified cyberattack.
ITProPortal: Since the General Data Protection Regulation (GDPR) came into force, it has had a significant impact not only on how companies collect and use data, but on how they protect it. GDPR has shaped not only cybersecurity in Europe, but the business world at large, and as threats continue to advance, we look at how GDPR has shaped cybercriminal behavior.
The target: SANS Institute, a cybersecurity training firm.
The take: 28,000 records of Personally Identifiable Information including: names, job title, industry, home address and country of residence.
The attack vector: The attack occurred through a “consent phishing” scam, where the attacker attempts to trick employees into installing a malware app or granting it permissions to access sensitive data or execute dangerous commands. The phish in this case was designed to replicate a SharePoint link via O365, and after the employee clicked the link and authorized the installation of the malware, a forwarding rule was created, sending 513 emails to the anonymous hacker.
This breach demonstrates that critical thinking and scrutiny are essential when dealing with e-mail communication. Performing the ‘hover test’ to validate links in incoming mail and validating the message sender are critical for avoiding these phishing attacks.
The Week: Over the last decade, the banking industry has gone through multiple changes structurally and operationally owing to rapid technological advancements. Most banking services and their corresponding back-end operations have now become digital. Along with this digital transformation also rises the challenge of information technology security. The myriad types of cybercrimes such as phishing, stalking, spamming, spoofing, hacking, ransomware attacks, and other physical and digital frauds compel individual banks to secure their network and servers with advanced firewalls.
Times Live: The SA Banking Risk Information Centre (Sabric) has confirmed that credit bureau Experian suffered a data attack which "has exposed some personal information of as many as 24 million South Africans".
Reuters: Marriott International, a leading hotel operator, is facing a London class action brought by millions of former guests demanding compensation after their personal records were hacked in one of the largest data breaches in history.
Dark Reading: While reported breach numbers are down, a handful of "mega" breaches resulted in more data records being exposed than ever before, analysis shows.
Property Funds World: According to Savills, the growing number of European cyber attacks has attracted EUR2.3 billion of venture capital (VC) investment into European headquartered cybersecurity companies during the last five years, with a record level of EUR724 million recorded in 2019.
IT Pro Portal: Just like coming in contact with a person infected with coronavirus increases the possibility of you getting infected, increasing your digital business presence increases the chances of cyber attackers to target your business; accounting firms are no exception.
CBC: The Canada Revenue Agency has temporarily shut down its online services after the agency confirmed it was recently hit by two cyberattacks that compromised thousands of accounts linked to its services.
The target: Virtu Financial, a high-speed trading firm.
The take: 6.9 million USD
The attack vector: Virtu fell victim to a BEC, or Business Email Compromise, scam. The attack began when an executive’s email account was compromised and used to send fraudulent requests to the company’s accounting department, leading to two outgoing wire transfers. The threat actors disguised their internal movements by creating email rules to prevent the legitimate owner from realizing the attack was happening. Believing the spoofed email requests were real, the accounting department made the transfers. The fraud was discovered two days later due to an internal auditing process.
The security of high-profile accounts is paramount to robust cybersecurity, and this attack highlights why high-level employees are often under the greatest focus from outside threats. Beyond maintaining security for employees with this level of access, the vetting of requests, especially where funds are concerned, is a top priority for vigilant cybersecurity.
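Both the SANS Institute forwarding rule and the Virtu rules that kept the account owner from noticing were mailbox rules, so new rules are worth reviewing. The following is an added detection example, not code from the original page: the log records are constructed and simplified, the field names are assumptions modelled on Exchange inbox-rule parameters, and `corp.example` is a placeholder domain.

```python
import json

INTERNAL_DOMAINS = {"corp.example"}  # assumption: the organisation's own mail domains
RULE_OPS = {"New-InboxRule", "Set-InboxRule"}
FORWARD_PARAMS = {"ForwardTo", "RedirectTo", "ForwardAsAttachmentTo"}

# Constructed sample records, one JSON object per line, simplified for the example.
SAMPLE_LOG = """\
{"UserId": "exec@corp.example", "Operation": "New-InboxRule", "Parameters": [{"Name": "SubjectContainsWords", "Value": "payment"}, {"Name": "MoveToFolder", "Value": "Archive2"}, {"Name": "MarkAsRead", "Value": "True"}]}
{"UserId": "staff@corp.example", "Operation": "New-InboxRule", "Parameters": [{"Name": "ForwardTo", "Value": "drop@mail.example.net"}]}
{"UserId": "pm@corp.example", "Operation": "New-InboxRule", "Parameters": [{"Name": "From", "Value": "jira@corp.example"}, {"Name": "MoveToFolder", "Value": "Tickets"}]}
{"UserId": "pm@corp.example", "Operation": "MailItemsAccessed", "Parameters": []}
"""

def is_external(address):
    """True when the address's domain is not one of the organisation's own."""
    return address.rsplit("@", 1)[-1].strip().lower() not in INTERNAL_DOMAINS

def rule_findings(record):
    """Return the reasons an inbox-rule change looks suspicious (empty list if none)."""
    if record.get("Operation") not in RULE_OPS:
        return []
    params = {p["Name"]: p["Value"] for p in record.get("Parameters", [])}
    reasons = []
    # Rules that send copies of mail outside the organisation.
    for name in sorted(FORWARD_PARAMS.intersection(params)):
        targets = [a for a in params[name].split(";") if is_external(a)]
        if targets:
            reasons.append(f"{name} to external address: {', '.join(targets)}")
    # Rules that keep mail out of the owner's sight.
    if params.get("DeleteMessage") == "True":
        reasons.append("rule deletes matching mail")
    if params.get("MarkAsRead") == "True" and "MoveToFolder" in params:
        reasons.append(f"rule marks mail read and moves it to '{params['MoveToFolder']}'")
    return reasons

def scan(log_text):
    """Return [(user, reasons)] for every flagged rule change in a JSON-lines log."""
    hits = []
    for line in log_text.splitlines():
        if line.strip():
            record = json.loads(line)
            reasons = rule_findings(record)
            if reasons:
                hits.append((record["UserId"], reasons))
    return hits

if __name__ == "__main__":
    for user, reasons in scan(SAMPLE_LOG):
        print(user, "->", "; ".join(reasons))
```

The ordinary sorting rule for ticket mail is not flagged; only the external forward and the mark-read-and-move rule are reported.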
ZDNet: Security researchers have uncovered a new Russian-speaking hacking group that they claim has been focusing for the past three years on corporate espionage, targeting companies across the world to steal documents that contain commercial secrets and employee personal data.
The Jerusalem Post: The cyberattack was conducted by an international cyber group called “Lazarus,” an organization that is backed by a foreign country. While the statement did not mention which foreign country was believed to be involved, cyber experts have said after the incident that the perpetrators were most likely linked to North Korea.
Finextra: In court filings unearthed by BankInfoSecurity, Virtu says that its systems were hacked in May, giving the crooks access to the email account of an executive.
Yahoo Finance: Venture capital firm Amadeus Capital Partners is planning to raise three funds with a combined target of about $400 million for tech investments in industries including enterprise software, artificial intelligence and cybersecurity, people with knowledge of the matter said.
Business Computing: The global pandemic has seen a huge rise in people working from home, shopping online, and generally being more digitally connected than ever. There are plenty of good things that have come from this but there is a lot of bad as well. One of the biggest issues is that cyberattacks have skyrocketed during this period, according to MonsterCloud. Cybercriminals have taken this opportunity to up their attacks, both in frequency and scope. Here is what you need to know about the rise in cyberattacks during the COVID-19 pandemic of 2020.
DarkReading: The key commodities prices of oil, grains, sugar, and cotton don't just affect business sectors as they rise and fall with supply and demand: They also drive global trading activity and form the foundation of the world economy. The same applies to cybercrime.
Cyber Defense Magazine: Data is an organization’s most valuable asset, yet data loss is one of the biggest repercussions of a cyber attack. In 2019, more than 15 billion records were exposed in data breaches, amounting to more than $3.5 billion lost to cybercrime.
The target: Avon, a London-based cosmetics firm
The take: 19 million records of Personally Identifiable Information including: full names, phone numbers, dates of birth, email and home addresses. In addition, 40,000 security tokens, internal logs, account settings, and technical server information were also stolen.
The attack vector: The information was accessed from a wide-open, misconfigured cloud server for which there was no password protection or encryption. The server, which was publicly accessible on the internet to anyone with its IP address, was up for 9 days before being taken down.
Phishing attacks made possible through the personal information leaked here would be highly effective; however, what’s potentially more damaging is the exposure of the technical details. Possessing this information could lead to attacks establishing full control of Avon’s servers and more. The storage of configurations which outline a firm’s technical operation is highly valuable and its exposure can have severe consequences. When this high level of information is compromised, threat actors could execute actions to take control of nearly every aspect of a company’s data and operations.
Yahoo News: Capital One Financial Corp will pay an $80 million penalty to a U.S. bank regulator after the bank suffered a massive data breach one year ago.
Help Net Security: An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.
Finance Magnates: When it comes to cryptocurrency-related crime, every year seems to have its own particular ‘flavor’. 2018 was the year of massive exchange hacks (remember Coincheck?); 2019 was seasoned with an air of massive ponzi schemes (PlusToken, OneCoin) with a few scandals thrown in the mix (QuadrigaCX, anyone?)
Yahoo News: Federal police and organised crime investigators will be empowered to kick down the digital door of criminals hiding in the dark web under a $1.7 billion government cyber security strategy.
Fierce Telecom: AT&T's survey found that 70% of large businesses felt remote working made them more vulnerable to cyberattacks. AT&T's study of 800 cybersecurity professionals across the U.K., France and Germany found that more than half (55%) now believe remote working is making their companies more vulnerable to cyberattacks.
Financial News: Cybersecurity companies are warning that they’ve seen an exponential rise in attempted “phishing”, banking-email compromises, and illegal cryptocurrency mining. And it’s hedge funds that may be most vulnerable.
Security Affairs: Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. The attack took place on July 31 at 6.00 pm CEST, when hackers compromised the company servers.