The Target: Crypto.com, a Singapore based cryptocurrency exchange app.
The Take: Theft of $31 million USD from customer’s online wallets.
The Vector: Through a credential stuffing attack, where previously exposed passwords are reused by users across multiple platforms, the threat actors executed unauthorized withdrawals from user accounts.
This breach highlights the high-risk practice of poor password hygiene like reused passwords, and more importantly, the critical nature of proper credential management through multi-factor authentication. Employing multi-factor authentication is a key part of maintaining a robust cybersecurity posture and ensuring company and customer data Is only accessed by authorized parties.
Yahoo News: Cybercriminals laundered $8.6bn (£6.4bn) worth of cryptocurrency last year, a 30% increase compared to the previous year, new data has shown.
SEC: The Securities and Exchange Commission today proposed rules to better protect investors and enhance cybersecurity by bringing more Alternative Trading Systems (ATS) that trade Treasuries and other government securities under the regulatory umbrella.
ZDNet: According to the 2021 Annual Data Breach Report published by the Identity Theft Resource Center (ITRC) on Monday, the overall number of data compromises (1,862) is up more than 68% compared to 2020 (1,108). Out of the 1,862 compromises, 1,600 of those were cyberattacks.
Bleeping Computer: The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, some online services remain unavailable, as government systems continue to recover from the attack.
O Canada: The U.S. securities regulator is considering extending cyber risk management rules to third-party service providers, and beefing up public company disclosures when they experience a breach, the head of the Securities and Exchange Commission (SEC) said.
The Target: Transcredit, a Florida based credit reporting company.
The Take: Exposure of 822, 789 records of Personally Identifiable Information including: first and last names, emails, bank information, notes of payment history, internal User ID’s and passwords, full data schema detailing where and how data stored.
The Vector: An unsecured, non-password protected database was found open and accessible by anyone with an internet connection.
It is critical to employ robust practices of credential management, user authentication and validation around all points of access. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data security. Furthermore, the access credentials which were exposed could lead to pivot attacks by breaching other IT systems belonging to the firm.
Finextra: Based on data from eight years of working to assess cyber risk at hundreds of companies across many sectors in dozens of countries, it is clear that the financial sector is one of the best prepared for an attack, reflecting years of improvements and investment. But, although it only lagged behind the industrial, cyber and manufacturing sectors, the financial sector still has a lot of work to do, we found in our soon-to-published research.
Coin Telegraph: The Crypto.com security breach saga gets clarity with an official statement from the Singapore-based crypto exchange following a halt on withdrawals after detecting “suspicious activities” in user accounts.
Bleeping Computer: Bank Indonesia (BI), the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month. A Bank Indonesia spokesperson also told BleepingComputer the attack took place last month and that the bank's operations are not disrupted after the incident.
IT News: Australia and the United Kingdom have signed a pact to crack down on state-based actors, ransomware groups and other "malign actors" that use cyber attacks to "undermine freedom and democracy".
ZDNet: During 2021, Symphony Technology Group (STG) picked up McAfee Enterprise for $4 billion in March, and followed it up in June with a $1.2 billion purchase of FireEye. With the merger of the two cybersecurity firms completed in October, the companies have been given a new name.
Funds Europe: The cybersecurity megatrend is set to continue in 2022 as demand for cybersecurity solutions remain “relatively constant” after some “major hacks” in 2021, according to Christopher Gannatti, global head of research at WisdomTree.
U.S. News: The FBI and other federal agencies are increasingly looking to counter cyber threats through tools other than criminal indictments, the head of the bureau's cyber division said in an interview with The Associated Press.
The Target: Fertility Center of Illinois
The Take: Exposure of Personally Identifiable Information including: full names, social security numbers, financial information, medical data, and health insurance policy numbers, employee numbers, and passport numbers.
The Vector: The threat actors were able to access a third-party server where FCI’s data was stored, and as the firm did not employ proper authentication tools, the attackers were able to freely view and download the sensitive information.
This breach highlights the critical nature of employing robust practices of credential management, user authentication and validation around all points of access. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data security. Furthermore, firms must be aware of where their data is stored, be that on their own sites or a third-party, and take steps to ensure it is secure.
JDSUPRA: Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements.
The Hill: Executives from Apple, Amazon and other top tech firms are meeting at the White House to discuss software security with the administration after major cyberattacks last year.
Financial Post: Israeli cybersecurity firm Pentera has raised $150 million in its latest funding round, taking the company’s value to $1 billion, the company told Reuters, adding it was eyeing an initial public offering in the United States.
The Target: United States Cellular Corporation, a wireless carrier.
The Take: Personally Identifiable information including: names, addresses, PIN codes, phone numbers, information on wireless usage and billing statements.
The Vector: The threat actors contacted employees of U.S Cellular and tricked them into downloading and installing malicious software and as the employees were logged on with legitimate credentials, the dangerous software was able to be installed. This malware let the attackers further access customer accounts remotely to port the victim’s phone numbers to a different carrier.
This breach highlights the ongoing and ever-present threat that social engineering poses to firms. Regular training and policy review can help firms ensure their employees are employing a slow and measured approach whenever access, or installation of software, is made – especially when the request is initiated from outside the firm.
CNBC: Scammers took home a record $14 billion in cryptocurrency in 2021, thanks in large part to the rise of decentralized finance (DeFi) platforms, according to new data from blockchain analytics firm Chainalysis.
ZDNet: The threat of cyberattacks is growing and much more needs to be done to educate businesses and users about risks in order to prevent widespread damage and disruption as a result of cyber incidents.
Private Equity Wire: Livingbridge’s investment includes growth capital to enable Quorum Cyber to capitalise on strong macro tailwinds in the cyber security sector and execute its ambitious growth plans through increased investment in its solutions as well as sales and marketing functions.
ZDNet: Seventeen companies have been informed of cyberattacks that compromised user information by New York Attorney General Letitia James following an investigation into credential stuffing. More than 1 million customer accounts were compromised due to the attacks, which James said were previously undetected.
South China Morning Post: China’s regulators will exempt Hong Kong from the rigid cybersecurity review process for all initial public offerings (IPOs) in foreign markets by companies with the personal data of at least 1 million customers, according to analysts’ reading of the finalised regulations published.
Insurance Journal: Morgan Stanley has filed for court approval of a $60 million settlement of a class action stemming from two data breaches in July 2020 that the complaint alleges compromised the information of 15 million of the investment bank’s customers.