An urgent investigation is underway after a ransomware attack hit a data management company in Northern Ireland that is entrusted with protecting the sensitive data of various charities and non-profits, among them organizations assisting sexual assault survivors. Speaking of ransomware, a U.S. payments giant suffered an attack too, affecting hospitality customers. The Anonymous Sudan gang is back at it; this time the victims are Israeli bank websites and the postal service. Here’s what you need to know from the weekend.
01
A ransomware attack on data management firm Evida impacted Irish charities and nonprofits, including the One in Four charity and 1,000 individuals linked to it.
02
U.S. payments company NCR confirmed a ransomware attack over the weekend that impacted its Aloha POS applications for a subset of its hospitality customers.
03
Chinese nation-state group APT41 targeted an unnamed Taiwanese media firm to deploy Google Command and Control (GC2), an open-source red teaming tool, Google’s TAG revealed.
04
Dimas Volvo, Volvo’s Brazilian retailer, was found leaking sensitive data—MySQL and Redis database hosts, open ports, credentials, and the website’s Laravel app key—for almost a year.
05
Uptycs found a new credential stealer, named Zaraza bot, being advertised on Telegram while also using the messaging service as its C2 server. It can target 38 web browsers.
06
German arms manufacturer Rheinmetall suffered a cyberattack on its business division dealing with industrial customers in the automotive sector.
07
The Anonymous Sudan threat group claimed credit for a DDoS attack on the Israeli postal system and bank websites during Iran’s Quds Day, resulting in a temporary service outage.
08
A new report by the Australian Competition and Consumer Commission revealed that Australians lost over $3.1 billion to scams in 2022 – a whopping rise from $2 billion in 2021.
09
A security researcher from The DFIR Report warned against hackers abusing the Action1 remote access software to achieve persistence on infected networks and execute commands, binaries, and scripts.
10
Boston-based Mobb raised $5.4 million in seed funding for an automatic vulnerability-fixing tool. The round was led by Ariel Maislos.