Daily Cybersecurity Update, June 27, 2023

infosecbulletin Tuesday , June 27 2023 Daily Security Update

Local government bodies across the U.S. are facing the wrath of growing cyber intrusions. The latest such victim is a Texan city that suffered a data breach affecting half a million government files. Meanwhile, the Cl0p ransomware continued to claim more victims of MOVEit Transfer zero-day exploitation, this time including two industrial control system providers. A new study revealed a significant spike in BEC attacks against European firms as compared to their American counterparts in the last year. Read on to find out the top cybersecurity happenings from the last 24 hours.

SiegedSec hacker group breaches Fort Worth government website. The SiegedSec hacker group has breached a website containing government information from the city of Fort Worth, Texas. They gained access to around 500,000 files that included work orders, employee lists, invoices, police reports, emails between employees and contractors, internal documents, camera footage, and more.
Cl0p ransomware group adds five new victims to dark web leak site. The Cl0p ransomware group has added five new victims to its dark web leak site, including Schneider Electric and Siemens Energy. The other listed victims are Werum (Körber Pharma), UCLA, and Abbvie. The group is exploiting the recently disclosed MOVEit Transfer vulnerability to target its victims.
Activision Blizzard servers hit by DDoS attack. Activision Blizzard’s servers were hit by a DDoS attack on Sunday, causing disruption to popular online games such as Call of Duty: Warzone and World of Warcraft. The attack lasted for over 10 hours and was only mitigated late on Sunday.
Anatsa Android banking trojan distributed via Google Play Store. The Anatsa Android banking trojan is being distributed via the Google Play Store. The trojan collects financial information and performs on-device fraud, making it difficult for banking anti-fraud systems to detect it.
European organizations experience higher volume and frequency of BEC attacks. According to Abnormal Security, European organizations experienced a higher volume and frequency of BEC attacks compared to those in the U.S., between June 2022 and May 2023. BEC attacks in Europe increased by 10 times, while it just doubled in the U.S.
Europol takes down EncroChat, encrypted messaging platform used by organized crime groups. Europol announced the takedown of EncroChat, an encrypted messaging platform used by organized crime groups. The operation led to the arrests of 6,558 individuals worldwide and the confiscation of $985 million in illicit criminal proceeds.
Companies with ties to the U.S. government or defense sector are more likely to be targeted by cybercriminals. A study by the American Enterprise Institute found that companies with ties to the U.S. government or defense sector are more likely to be targeted by cybercriminals. The study also found that highly profitable companies, those holding abundant cash, and organizations that spend generously on advertising are also more likely to be targeted.
Researchers discover new side-channel attack that can recover secret keys from a device. Researchers from Ben-Gurion University of the Negev and Cornell University have discovered a new side-channel attack that can recover secret keys from a device by analyzing video footage of its power LED.
CalypsoAI raises $23 million in funding to build out LLM security solutions. CalypsoAI has raised $23 million in a Series A-1 funding round to build out its Large Language Model (LLM) security solutions. The round, led by Paladin Capital Group, featured investment from Lockheed Martin Ventures, Hakluyt Capital, and Expeditions Fund.
Identity verification company Socure acquires document verification start-up Berbix. Identity verification company Socure has announced its acquisition of the document verification start-up, Berbix, in a deal worth $70 million. The acquisition will enable Socure to detect fake identities more accurately.