Friday, July 5th, 2024
Cybersecurity Week in Review (05/07/24)
Brazil Halts Meta’s AI Data Processing Amid Privacy Concerns
Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users’ personal data to train the company’s artificial intelligence (AI) algorithms.
The ANPD said it found “evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to children and adolescents.”
Brazil has about 102 million active users, making it one of the largest markets. The ANPD noted the Meta update violates the General Personal Data Protection Law (LGBD) and has “the imminent risk of serious and irreparable or difficult-to-repair damage to the fundamental rights of the affected data subjects.”
Source: https://thehackernews.com/2024/07/brazil-halts-metas-ai-data-processing.html
Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio this week confirmed suffering a data breach after hackers leaked 33 million phone numbers associated with the Authy application.
The notorious ShinyHunters hackers announced on the relaunched BreachForums website in late June that they were leaking 33 million random phone numbers associated with Twilio’s two-factor authentication app Authy.
The leaked information also included account IDs and some other non-personal data associated with Authy users.
Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol.
Of the 690 IP addresses that were flagged to online service providers in 27 countries as associated with criminal activity, 590 are no longer accessible.
Source: https://thehackernews.com/2024/07/global-police-operation-shuts-down-600.html
Affirm card users’ personal information possibly compromised in Evolve Bank cyber attack
U.S. financial technology firm Affirm Holdings said on Monday that it believes that the personal information of Affirm card users was compromised as part of Arkansas-based Evolve Bank and Trust’s cybersecurity incident. Evolve Bank is a third-party issuer of Affirm card and last week was a victim of a cybersecurity incident that involved customers’ data being illegally released on the dark web.
However, Affirm – which shares the personal information of its card users with Evolve to facilitate the issuance and servicing of the cards – confirmed that the company’s systems were not compromised and Affirm card holders can continue using their cards.
South Africa National Healthcare Lab Still Reeling From Ransomware Attack
South Africa’s National Health Laboratory Service (NHLS), the government-run network of healthcare testing laboratories, continues to battle in its recovery from a ransomware attack that disrupted systems and deleted backups.
The attack targeted specific weak points in the NHLS’s information infrastructure on June 22, effectively blocking communications between the laboratories’ information systems and other medical databases, resulting in delays in lab testing across public health facilities.
South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware
An unnamed South Korean enterprise resource planning (ERP) vendor’s product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor.
The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the infamous Lazarus Group.
Source: https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html
Japanese anime and gaming giant admits data leak following ransomware attack
Japanese media giant Kadokawa confirmed that some of its data was leaked in the ransomware attack last month.
In a statement on Saturday, Kadokawa said that the leaked data included business partner information, including contracts and other documents, as well as internal company data such as personal information on all employees of its subsidiary Dwango, which runs the popular Japanese video-sharing site Niconico.
Last week, the BlackSuit ransomware gang published a small sample of the stolen data and threatened to publish the rest if the company didn’t pay a ransom. BlackSuit is said to have gained access to 1.5 TB of the company’s data.
Microsoft Uncovers Major Flaws in Rockwell PanelView Plus
Microsoft’s cybersecurity team has uncovered two significant vulnerabilities in Rockwell Automation’s PanelView Plus, a type of human-machine interface (HMI) widely used in industrial settings.
These vulnerabilities, identified as CVE-2023-2071 and CVE-2023-29464, can be exploited remotely by unauthenticated attackers to perform remote code execution (RCE) and denial-of-service (DoS) respectively.
Source: https://www.infosecurity-magazine.com/news/microsoft-uncovers-flaws-rockwell/
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The French company is tracking the activity under the name Supposed Grasshopper.
The campaign, believed to be highly targeted in nature, “leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on well-known open-source malware,” HarfangLab said in a report last week.
Source: https://thehackernews.com/2024/07/israeli-entities-targeted-by.html
Romance scams cost consumers $1.14 billion last year. It’s a ‘more insidious’ fraud, expert says
Cybercriminals are targeting wealth accounts by tapping into a victim’s emotions. So-called romance scams involve building a relationship and trust with the victim so that the target willingly provides access to their accounts or transfers money to the criminal, explained Tracy Kitten, the director of fraud and security at Javelin Strategy & Research, a financial research services firm.
Consumers lost $1.14 billion to romance scams in 2023, according to the Federal Trade Commission. Median losses per person amounted to $2,000, the highest reported losses for any form of imposter scam, the FTC found.
Contact Us
The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.