The Target: Zendesk, a customer solutions service provider.
The Take: Access to an internal logging database which may have contained service data belonging to Zendesk and its customers.
The Vector: An employee’s credentials were compromised through an SMS phishing attack, which led to the employees handing over their login credentials to the attackers.
This breach is a stark reminder of how important authentication controls are in an overall robust cybersecurity posture. Regular social engineering and phishing awareness training are effective strategies to mitigate these kinds of breaches to protect a firm’s customer base.
Mondaq: Cybersecurity has become an increasingly regulated area of risk for many businesses in the digital world. As technology has advanced and cyber-attacks have become more sophisticated, the measures needed to protect business' data from breaches become more extensive too. This is mirrored by an increased regulatory environment where sanctions are implemented more strictly and conservatively by regulators.
Bleeping Computer: Zacks discovered at the end of last year that some customer records had been accessed without authorization. An internal investigation into the incident determined that a threat actor gained access to the network somewhere between November 2021 and August 2022.
Sky News: The attacks - known as distributed denial-of-service (DDoS) - work by directing high volumes of internet traffic towards targeted servers in a bid by so-called hacktivists to knock them offline.
CNBC: North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said.
TechCrunch: LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems.
Private Equity Wire: Abacus Group, a provider of hosted IT services and solutions to alternative investment firms, has acquired two boutique cybersecurity consulting companies, Gotham Security and its parent company, GoVanguard, which will now be known as Gotham Security, and will operate as an independent subsidiary of Abacus Group.
DarkReading: Leading global intelligence and cyber security consultancy S-RM has today revealed in its Cyber Security Insights Report that there has been a drop in concern around the cyber security threats posed by hybrid working. However, a significant proportion (35%) of IT leaders say they are concerned over a cyber skills gap among employees.
The Target: Myrocket, a Human Resources recruitment company based in India.
The Take: Exposure of 200,000 employees and 9 million candidate records of Personally Identifiable Information including: names, taxpayer information, personal identification numbers, emails, phone numbers, bank details, dates of birth, salaries, payslips, employee roles, and more.
The Vector: A misconfigured data server was left open and unsecured, meaning anyone with an internet connection could have viewed and downloaded the data.
This breach is a critical reminder that authentication controls are an important piece in an overall robust cybersecurity posture. This data is perfect for constructing highly effective spear-phishing campaigns. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches to protect a firm’s data.
BNN Bloomberg: In findings published, the blockchain forensics firm estimated that ransom payments — which are almost always paid in cryptocurrency — fell to $456.8 million in 2022 from $765.6 million in 2021, a 40% drop.
Bleeping Computer: PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks that exposed some personal data. Credential stuffing attacks are attacks where hackers attempt to access an account by trying out username and password pairs sourced from data leaks on various websites.
BusinessWire: With the Securities & Exchange Commission proposing tighter cybersecurity requirements for hedge funds and other asset managers, Cole-Frieman & Mallon LLP, one of the nation’s leading boutique law firms serving the investment management industry, has launched a first-of-its-kind cybersecurity law practice.
DarkReading: In the wake of increasing concern about threat actors using open source AI tools like ChatGPT to launch sophisticated cyberattacks at scale, it's time for us to reconsider how AI is being leveraged on the defensive side to fend off these threats.
CoinDesk: “North Korea’s Lazarus Group had a very busy weekend, moving $63.5 million (~41,000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges,” ZachXBT alerted on Twitter.
Yahoo News: The multinational agreement to develop the strategy followed a meeting of the Nordic Council’s executive committee in December. The council functions as the official organization for formal interparliamentary cooperation between the Nordic states. Formed in 1952, it includes Denmark, Finland, Iceland, Norway, Sweden, the Faroe Islands, Greenland and the Åland Islands.
Business Wire: It is both stability and change in the Allianz Risk Barometer 2023. Cyber incidents and Business interruption rank as the biggest company concerns for the second year in succession (both with 34% of all responses). However, it is Macroeconomic developments such as inflation, financial market volatility and a looming recession (up from #10 to #3 year-on-year), as well as the impact of the Energy crisis (a new entry at #4) which are the top risers in this year’s list of global business risks, as the economic and political consequences of the world in the aftermath of Covid-19 and the Ukraine war take hold.
The Target: CAF, the French Social Security agency
The Take: 10,000 records of Personally Identifiable Information exposed including: physical address, date of birth, household composition and income, amounts and benefits received.
The Vector: An unencrypted and unprotected file containing the above information was sent to a third-party service provider, who then posted the file to their website which was publicly accessible to anyone.
This breach is a reminder of how critical authentication controls are on sensitive data to maintain an overall robust cybersecurity posture, and more critically, ensuring these controls are in place when communicating and sending data to third-party vendors. The information stolen in this attack could lead to highly targeted phishing campaigns against the victims. Regular vendor assessments are also a key component in cybersecurity.
Private Equity Wire: Global investment firm Carlyle has led a $55m Series B investment round in Hack The Box, a cybersecurity upskilling and talent assessment platform, with a global community of more than 1.7 million members and a portfolio of more than 1,500 enterprise, government and university customers.
Bleeping Computer: Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information.
Cision: An uptake in high-profile data breaches and the exponential rise in digitization have redefined the dynamics in the cybersecurity industry. Stakeholders have become cagey towards data management practices and cybersecurity vulnerabilities.
Toronto Star: The federal public safety minister says he is prepared to work with other parliamentarians to revise the Liberal government’s cybersecurity bill after civil society groups and opposition MPs raised transparency and accountability concerns.
Reuters: Hackers have disrupted access to the websites of Denmark's central bank and seven private banks in the country this week, according to the central bank and an IT firm that serves the industry.
Dark Reading: Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling other nefarious activities. Just weeks later, it looks like that time is already here.
The Star: Des Moines Public Schools announced that classes would be cancelled for its 33,000 students after being “alerted to a cyber security incident on its technology network.”
The Target: Twitter, a U.S.-based social media platform.
The Take: Exposure of 235 million records of Personally Identifiable Information including: email addresses, usernames, and phone numbers.
The Vector: A zero-day exploit was used which allowed the attacker to scrape Twitter user profiles for the stolen information. This vulnerability circumvented Twitter’s privacy option, which should prevent searching for an account by its associated phone number/email.
This breach is a critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected.
Bleeping Computer: A signed Windows driver has been used in attacks on banks in French-speaking countries, likely from a threat actor that stole more than $11 million from various banks.
IBS Intelligence: Working with 11 international entities, CaixaBank has formed a European research consortium to explore ways to improve cybersecurity by leveraging artificial intelligence (AI) and big data. The project, AI4CYBER, is part of the Horizon Europe programme and is funded by the European Union.
Hedge Week: RFA, a specialist IT provider to the alternative investment sector, has enhanced its cyber security offering for hedge and private equity funds with the addition of external surface attack management and dark web breach and exposure monitoring solutions.
BNN Bloomberg: Peiter Zatko, the prominent computer security expert who blew the whistle last year on alleged security problems at Twitter Inc., is joining the cybersecurity firm Rapid7 Inc., the company said.
Bleeping Computer: Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments.
Forbes: Threat intelligence platforms are becoming increasingly important for both government agencies and businesses in today's digital landscape. The growing threat of ransomware attacks and other malicious activities from threat actors has highlighted the need for organizations to have a comprehensive and effective way to monitor, analyze and respond to potential threats.
Bank Info Security: After two sensational years in the public markets during the height of the COVID-19 pandemic, 2022 was a rude awakening for the cybersecurity industry.