InfoSecBulletin Cybersecurity for mankind
Art and entertainment venues have lately become quite a lucrative target for threat actors aiming to get their hands on customer information. After The Met, the latest victim in the list includes the National Gallery of Canada, which partially lost some operational data in a ransomware attack. A two-year-long analytical investigation revealed that the Seoul National University Hospital suffered a data breach, impacting over 800,000 people. In other news, the leaked Babuk source code has become a headache for the security community as researchers listed 10 ransomware families based on the code. Read on to know more.
01
The National Gallery of Canada was hit by a ransomware attack, prompting a system shutdown for server rebuilding and access restoration. No customer data was stolen, but operational data was partially lost.
02
North Korean hackers breached the network of Seoul National University Hospital, stealing sensitive medical information and personal details of 831,000 individuals. The incident occurred between May and June 2021, revealed a recent investigation.
03
Australia‘s TechnologyOne had to stop trading after identifying unauthorized third-party access to its back office systems. The affected customers will be notified once the investigation is conducted.
04
Cisco Talos discovered Greatness, a new Phishing-as-a-Service (PaaS) targeting Microsoft 365 users. It targets manufacturing, healthcare, and technology sectors, with victims primarily in the U.S., the U.K, Australia, South Africa, and Canada.
05
A Russian state hacking group is suspected of using a novel backdoor malware called DownEx to target international governmental agencies in Kazakhstan and Afghanistan, reported Bitdefender.
06
A new tool called White Phoenix developed by CyberArk allows victims of certain ransomware strains that use intermittent encryption to partially recover their encrypted files.
07
SentinelLabs detected 10 ransomware families employing VMware ESXi lockers, derived from the leaked 2021 Babuk source code. These variants emerged between H2 2022 and H1 2023.
08
GitHub is offering free push protection to all owners of public repositories. This security feature prevents secret leakage, aiding developers and maintainers in proactively securing their code within the open-source community.
09
GRIT Ransomware Report April 2023 noted that ransomware attacks decreased by 22% in April 2023, but increased by 27% compared to the same period in 2022, with Lockbit remaining the most impactful group.
10
Qbot malware is being distributed through malicious PDF files in a new malspam campaign targeting organizations worldwide, stated a new Check Point Research report.
