InfoSecBulletin Cybersecurity for mankind
Crypto heists keep getting worse with every subsequent incident. In one such hack, Atomic Wallet users reportedly lost a collective amount of $35 million in assets. Investigators expect the number to grow. On the ransomware front, the Play ransomware group has been relentless in its pursuit of victims; the latest one being a Spanish bank. Further ransomware attacks were reported over the weekend, with a Canadian university falling prey to one. Students were locked out of educational platforms. Read along to know everything that transpired in cyberspace.
01
Users of Atomic Wallet suffered cyberattacks resulting in at least $35 million worth of crypto assets being stolen since June 2, with the biggest victim losing $7.95 million in Tether. The five most crucial losses account for $17 million.
02
The Play ransomware group added the Spanish bank Globalcaja to its Tor leak site and claimed to have stolen confidential information, clients and employee documents, passports, and contracts, among others.
03
An investigation into the cyberattack on IT firm Xplain revealed that the incident impacted multiple Swiss cantonal police, the army, customs, and Fedpol. The Play ransomware group claimed credit.
04
Akamai spotted a new ongoing Magecart web skimmer campaign targeting users in North America, Latin America, and Europe by hijacking legitimate websites to act as makeshift C2 servers.
05
The recent MOVEit Transfer zero-day attacks have been linked to a known ransomware group that has exploited a critical SQL injection vulnerability to steal data from dozens of organizations. While Microsoft linked it to the Cl0p ransomware group, Mandiant attributed the attacks to UNC4857.
06
Online sellers are being targeted in a new campaign pushing Vidar malware that steals credentials for further attacks. The campaign involves threat actors sending phishing emails to online store admins.
07
The University of Waterloo‘s email system was hit by a ransomware attack, forcing it to temporarily disable its on-campus Microsoft Exchange email services. Students were unable to access other educational platforms that required email credentials.
08
South Jersey Behavioral Health Resources disclosed a ransomware attack from April 3, which could have compromised names, contact details, SSNs, medical record numbers, and health insurance information.
09
OpenAI launched a $1 million cybersecurity grant program to enhance defender-focused research and capabilities. It includes projects like data collection, social engineering detection, incident triage automation, and source code security analysis.
10
XDR platform for industrial infrastructure Galvanick raised $10 million in a venture capital financing round, with MaC Venture Capital, Founders Fund, Village Global and Countdown Capital as participants.
