On Wednesday, January 17th, JPMorgan Chase's asset and wealth management division head, Mary Callahan Erdoes, said during the World Economic Forum in Davos that the firm faces a staggering 45 billion breach attempts daily. Erdoes explained during a panel session that the firm has more security engineers than Google and Amazon, out of necessity, as threat actors increasingly get "smarter, savvier, quicker, more devious and mischievous."
Recent weeks have seen an exponential rise in malicious botnets performing reconnaissance scanning to scout out victims. According to researchers at cybersecurity firm Netscout, the number of potentially compromised devices rose from around 10,000 to roughly 144,000 over December, with no sign of the trend letting up. “The trend continued into the new year, with the largest spikes occurring on January 5 and 6, eclipsing one million distinct devices. The levels reached an unprecedented 1,294,416 on the 5th,” reports Netscout. The Netscout researchers say that this increased malicious scanning has been isolated to five key countries: The United States, China, Vietnam, Taiwan, and Russia. All have seen a rise in attackers using cheap or free cloud and hosting servers to create botnet launch pads.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory (CSA) containing the Indicators of Compromise (IOCs) associated with the Androxgh0st malware. The joint CSA also details the tactics, techniques, and procedures (TTPs) of the threat actors behind Androxgh0st. The malware establishes a botnet for victim identification, exploits vulnerable networks, targets the theft of sensitive data, and may lead to remote code execution.
Despite the hype around AI in cybersecurity, a PwC survey revealed that 77% of CEOs still believe AI increases the risk of breaches rather than improving cybersecurity. The PwC survey interviewed 4,700 executives globally, the majority of whom are CEOs. The survey also found that 63% of respondents saw AI as a misinformation risk, with legal and reputational damage stemming from generative AI cited as a further concern.
Politically motivated hacking, known as ‘hacktivism’, is now on the rise across large sections of the globe. Politically motivated groups are increasingly attacking their enemies with primitive but effective distributed denial-of-service (DDoS) attacks, which overwhelm the target’s servers with vast volumes of internet traffic. But, according to cybersecurity firm Cloudflare’s DDoS Threat Report, the organizations being targeted most are environmental agencies pursuing green agendas such as Net Zero. While Cloudflare reported an overall increase of 117 percent in DDoS attacks around Black Friday and the holiday season, DDoS attacks on environmental agencies soared over sixty-thousand-fold over the same period.
US real estate financial services fat cat, Fidelity National Financial (FNF), has revealed details of a cybersecurity breach that occurred in November, exposing the details of 1.3 million customers. An updated filing to the US Securities and Exchange Commission (SEC) claims the attack, which occurred on November 19, 2023, was detected early on and successfully contained. But despite FNF’s best efforts, over a million customers will wonder if the threat actors behind the breach also believe that their attack has been successfully “contained.” The nature of their target suggests otherwise. A Fortune 500 company, FNF is one of the largest companies of its kind in the US, with an annual revenue of over $10 billion, a market capitalization of $13.3 billion, and a staff of over 23,000 people.
A now-arrested Ukraine-based hacker infiltrated cloud-computing accounts to create over 1M virtual servers and mine $2M worth of cryptocurrencies, Europol announced. The Europol investigation shed light on the dangers of cloud-computing hijacking campaigns used for large-scale illicit crypto mining.
A Recorded Future report discloses that Microsoft-owned GitHub is a growing and lucrative platform for threat actors to deliver malicious payloads effectively by blending them with legitimate traffic. The repository platform's legitimacy is now being leveraged cleverly by threat actors who are "living-off-trusted-sites". However, the site's limits on file size and storage have so far prevented large-scale payloads used for data exfiltration from being delivered.
The British Library, which houses about 14 million books plus manuscripts and items dating back to 2000 BC, was forced offline in October after refusing to pay a £600,000 ransomware demand. According to The Financial Times, the digital destruction caused by the “deep and extensive” ransomware attack means that the world-renowned library will now be forced to pay ten times that sum to rebuild its online services, at a cost of £6 million to £7 million, taking it offline for up to a year. The British Library breach is further evidence of the devastating speed of the latest generation of ransomware attacks. Cybersecurity firm Sophos’s State of Ransomware 2023 report says that threat actors now succeed in encrypting data in 76 percent of ransomware attacks, up from 65 percent in 2022. According to Sophos, there has also been a 62 percent year-on-year rise in intentional remote encryption attacks since 2022.
A source informed Reuters that the Ukrainian spy agency-backed "Blackjack" hacking group successfully deleted 20TB of data from M9 Telecom, massively disrupting its operations. Seemingly a retaliatory strike for the "largest telco cyber attack in history" on the Ukrainian telco Kyivstar, the attack on M9 Telecom cut off internet access for thousands in Moscow.
The Securities and Exchange Commission (SEC) confirmed through a spokesperson and social media announcements that the agency's X (formerly Twitter) account was compromised to promote Bitcoin ETFs. Bitcoin's value spiked to nearly $48k as a result of the false post, even though it was taken down just 30 minutes after being published.
Hunt & Hackett uncovered information on “Sea Turtle”, a Turkish-affiliated cyber espionage group that has shifted its focus to Netherlands-based organizations. "Sea Turtle" was found to be running politically motivated, evasive information-stealing campaigns against Dutch government, telco, media, and NGO organizations.