Global Cyber News Digest

Events

Cyber Insider Podcast

Press Room

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • U.S. Helping Ukraine Foil Russian Cyberattacks as Hacking Spikes: Sources

    • U.S. intelligence agencies have helped Ukraine foil an escalating number of Russian cyberattacks in recent months as Moscow's troops mass along their shared border.
    • An official at the Ukrainian Embassy in Washington, D.C., describes the sharp increase in hacks and other forms of cyberwarfare as the work of "hackers on the order of Russian intelligence" and says the Ukrainian Security Service prevented 350 of them beginning in January through cooperation with U.S. intelligence agencies.
    • The simmering provocations mark a troubling rise in aggression from Russia at a time Ukrainian officials fear Moscow's forces could mount new offensives within weeks, or even days.
    • "Moscow is well positioned to ... continue destabilization efforts against Ukraine while settlement talks remain stalled and low-level fighting continues," the U.S. intelligence community concluded in its annual Worldwide Threat Assessment, released this month.
    • "Russia almost certainly considers cyber attacks an acceptable option to deter adversaries, control escalation, and prosecute conflicts."
    - Paul Shinkman | April 20, 2021
    hak-iq.us20.list-manage.comApril 20, 2021

  • Campus Still Closed as Portsmouth University Reels from Suspected Ransomware

    • Key IT systems at the University of Portsmouth continue to remain offline this week after a supposed ransomware attack, delaying the start of the new term.
    • The News has reported that it has seen an email from the university claiming it suffered a ransomware attack.
    • A report last year claimed that a third of UK universities have been hit with ransomware over the past decade.
    - Phil Muncaster | April 20, 2021
    hak-iq.us20.list-manage.comApril 20, 2021

  • Federal investigators looking into breach at software code testing company Codecov

    • Codecov’s platform is used to test software code for vulnerabilities, and its 29,000 clients include Atlassian, Proctor & Gamble, GoDaddy, and the Washington Post.
    • In a statement on the company’s website, Codecov CEO Jerrod Engelberg acknowledged the breach and the federal investigation, saying someone had gained access to its Bash Uploader script and modified it without the company’s permission.
    • The modified version of the tool could have affected:
      • Any credentials, tokens, or keys that our customers were passing through their CI runner that would be accessible when the Bash Uploader script was executed.
      • Any services, datastores, and application code that could be accessed with these credentials, tokens, or keys.
      • The git remote information (URL of the origin repository) of repositories using the Bash Uploaders to upload coverage to Codecov in CI.
    • Although the breach occurred in January, it was not discovered until April 1st, when a customer noticed something was wrong with the tool.
    • While the breadth of the Codecov breach remains unclear, Reuters notes that it could potentially have a similar, far-reaching impact as the SolarWinds hack of late last year.
    - Kim Lyons | April 18, 2021
    hak-iq.us20.list-manage.comApril 18, 2021

  • What Is Logic Bomb Malware and How Can You Prevent It

    • Most cyber-attacks have an immediate malicious impact on your computer. For example, if you unknowingly download ransomware in an email attachment, it will typically lock your files immediately. However, logic bombs attack differently. A logic bomb is malicious code that remains concealed until triggered by a certain action.
    • A logic bomb—also known as slag code—is a piece of malicious code that hackers insert into a computer network, software program, or digital device.
    • Usually, logic bombs are set to detonate on a particular date. These types of logic bombs are often referred to as time bombs. Other types of logic bombs are triggered when you open a certain file or type in a specific command on your PC. Usually, logic bombs are installed by someone with high-level access, such as a systems administrator.
    • 2 Logic Bomb Examples:
      • Fake or cloned software
      • Keylogger
    • The following signs and symptoms are a call for concern:
      • Your important files start to suddenly disappear or seem to be altered.
      • Your passwords no longer work—but you don’t remember changing them.
      • You accidentally downloaded software from a known malicious site. The software might not cause instant damage, but it might be hiding malware in the form of a logic bomb.
    MakeUseOf - Modisha Tladi | April 18, 2021
    hak-iq.us20.list-manage.comApril 18, 2021

  • Phone House suffers a cyber attack: data from 3 million Spanish customers at stake | Technology

    • Those responsible for the cyberattack are Babuk, and according to what elconfidencial has learned, the attackers have a large amount of data from the Spanish company, employees and customers.
    • Among the data currently in the possession of cybercriminals would include the full name of the clients, date of birth, ID, bank account, mobile phone, email, home address and company where they work. This is more than enough data to carry out social engineering in the future and access much more sensitive data.
    • Cybercriminals claim they have 10 databases containing private information of more than 3 million customers and employees of the Spanish division of Phone House.
      • They threaten that, if the company does not pay, all this information will be published in a public blog and darkweb forums, and on top of that the data will be sent to competitors.
    | April 18, 2021
    hak-iq.us20.list-manage.comApril 18, 2021

  • US sanctions Russia over SolarWinds hack, election interference

    • The new measures sanction 32 entities and individuals for "carrying out Russian government-directed attempts to influence the 2020 US presidential election," and six Russian companies for providing "support to the Russian Intelligence Services' cyber program."
    • The US is also expelling 10 Russian diplomats and putting in place economic restrictions.
    • On Thursday, the administration formally named Russia's foreign intelligence service, the SVR, as the perpetrator of the "broad-scope cyber espionage campaign." The National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI issued a joint advisory outlining "software vulnerabilities that the SVR uses to gain access to victim devices and networks."
    • The administration said it's also taking steps with allies to bolster cybersecurity and evaluating whether to take further action under the executive order to protect supply chains from exploitation by Russia.
    - Carrie Mihalcek | April 15, 2021
    hak-iq.us20.list-manage.comApril 15, 2021

  • Cybersecurity: Victims are spotting cyber attacks much more quickly - but there's a catch

    • The amount of time cyber criminals are spending inside compromised networks is dropping. But while that might sound like a positive development, one reason hackers are spending less time inside networks is because of the surge in ransomware attacks.
    • One of the key advantages of ransomware attacks for cyber criminals is that they have the potential to make them a lot of money in a relatively short space of time. Once they've compromised all the required assets on the network, there's no point waiting around, so the criminals will execute the ransomware attack as quickly as possible.
    • While being able to quickly detect attacks inside the network is better than not detecting them at all, the best way to protect the organisation from cyber threats is to detect or prevent them before they've even had a chance to compromise the network.
    • To help this, it's strongly recommended to focus on security fundamentals including vulnerability and patch management, so that cyber attacks can't take advantage of known vulnerabilities in the networks.
    - Danny Palmer | April 13, 2021
    hak-iq.us20.list-manage.comApril 13, 2021

  • 5G will accelerate cyber crime, predicts former White House CIO

    • 5G technology will make it easier for hackers to engage in criminal activity and will result in “massive cyber attacks” this year, according to former White House CIO Theresa Payton.
    • Payton told attendees that, as the ongoing pandemic leads to innovations in cyber crime, 5G connectivity will allow hackers to accelerate cyber attacks at an unprecedented scale due to existing cyber security issues going unresolved.
    • This will lead to a smart city reliant on 5G falling victim to a cyber attack by the end of the year, Payton predicts. She didn’t name a specific city, meaning that it could be smart city pioneers such as Singapore or Dubai, as well as London, which is becoming increasingly powered by 5G as the UK continues its nationwide rollout.
    • Payton also shared her predictions on ‘artificial intelligence poisoning’, which she described as the practice of hackers breaching and changing algorithms responsible for training AI, leading to the technology performing tasks which it was originally not intended to do.
    • “AI will be cyber criminals’ weapon of choice,” she said. “And it's going to continue to help them crack more and more accounts, networks and data stores.”
    - Sabina Weston | April 13, 2021
    hak-iq.us20.list-manage.comApril 13, 2021

  • Covid results emails may breach GDPR

    • Free, rapid lateral flow tests for coronavirus are now available in England, but the government notifications confirming the results appear to contravene several articles of the GDPR.
    • As well as general coronavirus advice like the importance of social distancing, each Notify email contains the user's name, date of birth and NHS number.
    • Email is, at its heart, an insecure medium, too easy to hack or intercept - or even read over someone's shoulder. The personal details are included to prove that an email is from official government channels, which was common in the analogue (i.e. paper-based) past; but in a world of digital identity theft, such practices must be reviewed.
    • While the layperson may not be put off, data-conscious individuals might think twice about reporting their test results (which is not, currently, a legal requirement), to lower the risk of data and identity theft - with knock-on effects on NHS data collection and virus tracking.
    - Tom Allen | April 12, 2021
    hak-iq.us20.list-manage.comApril 12, 2021

  • TriHealth reports patient and employee data breach through law firm

    • Some employee or patient information may have been breached through a law firm it uses in Columbus.
    • There was a ransomware attack on Bricker & Eckler's email server, according to TriHealth. Some of the information included "personally identifiable and protected health information belonging to a select group of TriHealth employees and patients".
    • TriHealth says it has to provide sensitive and confidential information to Bricker & Eckler as part of TriHealth's business operations.
    WKRC | April 12, 2021
    hak-iq.us20.list-manage.comApril 12, 2021

451 A Street, Suite 500
San Diego, CA 92101

[email protected]

CONNECT WITH US

Linkedin Twitter

Cyber Center of Excellence is a San Diego-based nonprofit dedicated to growing the regional cyber economy and creating a more secure digital community for all.

JOIN US
Linkedin Twitter
Cyber Center of Excellence | Privacy Policy  |  Terms & Conditions
Linkedin Twitter
Privacy Policy  |  Terms & Conditions
© 2024 Cyber Center of Excellence