InfoSecBulletin Cybersecurity for mankind
Ransomware actors have been running rampant targeting every sector left, right, and center. In today’s edition, a technology provider fell prey to one, locking customers out of portals and websites. In other news, the threat actor linked to the Triada trojan infected millions of phones – thanks to a preinstalled malware. Coming back to ransomware, BianLian is still extorting victims without encrypting data, in what happens to be a change of tactic. Here are the top 10 highlights from the past 24 hours.
01
Technology provider ScanSource suffered a ransomware attack that impacted some of its systems, causing delays in services to customers in North America and Brazil.
02
The Lemon Group gained control over millions of smartphones globally through the preinstallation of a malware called Guerrilla, reported Trend Micro. The campaign has been active since 2018.
03
BleepingComputer spotted a new ransomware operation, dubbed MalasLocker, that is targeting Zimbra servers to steal emails and encrypt files, with an unusual ransom demand of a donation to a non-profit charity instead of payment.
04
The CISA, the FBI, and the ACSC published a joint advisory warning against the BianLian ransomware group using new tactics to steal data without encrypting systems, which still results in data breaches and reputation damage.
05
The 2022 Trends in Identity Report revealed that over 80% of identity compromises involved the use of stolen credentials as part of a scam, up from 77% the previous year.
06
The escalation of geopolitical tensions between China and Taiwan resulted in a significant surge in cyberattacks targeting Taiwan, specifically focusing on malware delivery, sensitive data theft, and an increase in malicious emails and PlugX detections – said Trellix.
07
The FTC accused Easy Healthcare, the developer of the free fertility app Premom, of sharing sensitive personal information and health data on its users with China-based firms and other third parties without obtaining permission.
08
Ukrainian cybersecurity agency SSSCIP stated that Russian hackers targeted Ukrainian insurance companies to obtain personal data, with more than one-third of the country’s largest insurers affected.
09
Check Point Research found that cybercriminals targeted Microsoft’s VSCode Marketplace by uploading three malicious Visual Studio extensions that were downloaded over 46,000 times by Windows developers.
10
A new report disclosed that threat actors are providing access to organizations operating in the energy sector, including ICS and OT systems, located in the U.S., the U.K, Canada, Indonesia, France, and Italy.
