Global Cyber News Digest

UN probing 30 North Korean cyber attacks in 17 countries

Source: The Straits Times
By: FNU LNU
Published: August 14, 2019

* UN experts say they are investigating at least 30 instances in 17 countries of North Koreans using cyber attacks to raise money for weapons of mass destruction programmes - and they are also calling for sanctions against ships providing petrol and diesel to the isolated country.
* Last week, The Associated Press (AP) quoted a summary of a report from the experts which said North Korea illegally acquired as much as US$2 billion (S$2.77 billion) from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.

Security warning for software developers: You are now prime targets for phishing attacks

Source: ZDNet
By: Danny Palmer
Published: August 13, 2019

* Cybercriminals targeting the technology industry commonly direct their phishing campaigns at software developers
* Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the public profiles of individuals working in the high-turnover industry to help conduct their phishing campaigns.

Recent Phishing Attack on ProtonMail Accounts of Bellingcat Journalists Linked to Russia

Source: CPO Magazine
By: Scott Ikeda
Published: August 13, 2019

* Investigative news outlet Bellingcat has focused much of its eight years of work on high-level government controversies and cover-ups, particularly on issues in Russia in the past two years.
* It would appear that someone in the country has taken an interest in them.
* The ProtonMail email accounts of several Bellingcat journalists were targeted by a phishing campaign, which was ultimately not successful but provided leads that indicate Russian hacking groups backed by the government were involved.

Cybercriminals sell nearly 7 Million User credentials from recent StockX data breach

Source: CyWare
By: Ryan Stewart
Published: August 12, 2019

* The database contained personal information including user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords.
* The stolen user accounts came from a StockX data breach that occurred in July 2019.

State Farm Hit by Data Breach

Source: AutoBody News
By: Bethan Moorcraft
Published: August 12, 2019

* State Farm · the largest property and casualty insurance provider in the US - has been compromised in a credential stuffing attack. * The firm acknowledged the cyberattack, filing a data breach notification with the California Attorney General, and on Wednesday, Aug. 7, it sent out =93Notice of Data Breach=94 emails to users whose online account log-in credentials were obtained by a bad actor.

Automakers warm up to friendly hackers at cybersecurity conference

Source: Reuters
By: Tina Bellon
Published: August 11, 2019

* At a conference where hackers can try their hand at picking locks and discover cyber vulnerabilities in a makeshift hospital, they can also endeavor to break into the control units of cars and take over driving functions.
* Those efforts at the DEF CON security convention in Las Vegas this weekend are sponsored by carmakers and suppliers that have increasingly recognized the need to collaborate with so-called white hat hackers - cyber experts who specialize in discovering vulnerabilities to help organizations.

Teen Tells DEF CON How He Hacked Millions of Student Records From Popular Education Software

Source: Gizmodo
By: Alyse Stanley
Published: August 10, 2019

* "Hello from Bill Demirkapi :)" read the message sent to thousands of parents, students, and teachers in his school district after the aforementioned teenager hacked his school's education software.
* During Demirkapi's freshman year, a mixture of boredom and aimless ambition led him to start investigating the companies' interfaces.

Anatomy of an attack: How Coinbase was targeted with emails booby-trapped with Firefox zero-days

Source: The Register
By: Thomas Claburn
Published: August 9, 2019

* Coinbase chief information security officer Philip Martin this week published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication.
* "Stage one of this attack first identified the operating system and browser, and displayed a convincing error to macOS users who were not currently using Firefox, instructing them to install the latest version from Mozilla," Martin wrote. "After visiting the page in Firefox, the exploit code was delivered from a separate domain, analyticsfit[.]com, which was registered on May 28."

Hackers launch phishing attack disguised as DocuSign document

Source: TechRadar.pro
By: Anthony Spadafora
Published: August 9, 2019

* Cybercriminals use fake DocuSign email to phish for credentials
* The Cofense Phishing Defense Center has identified a new wave of phishing attacks, disguised as an email from DocuSign.

Ransomware attackers have gone from 'spray and pray' to 'slayin' prey'

Source: The Register
By: Shaun Nichols
Published: August 8, 2019

* Black Hat Ransomware infections may be down, but only because attackers are getting better at targeting them. * Overall, the numbers would show that ransomware numbers have fallen. After peaking at more than 5.7 million total detections in August of 2018, just over 3 million attacks by lockup malware were detected in June 2019. * This is not, however, because criminals are losing interest in using ransomware. Rather, they are getting a much better return from fewer attempts on higher-value targets: namely, enterprises.