Tag: Cybersecurity
Mr. Cooper breach exposes 14m victims’ data
US mortgage service provider Mr. Cooper has disclosed a breach to the U.S. Securities and Exchange Commission (SEC) affecting over 14.5 million people. Breached data includes names, addresses, phone numbers, social security numbers, dates of birth, and bank account numbers. The Mr Cooper breach is indicative of several trends likely to shape the cybersecurity industry in 2024. The new obligation to report material cyber breaches within four days that came into effect last week on December 15 is widely expected to reveal a huge iceberg of what might have previously been unreported and, therefore, uncounted cyber breaches. The obligation to detail the loss and those affected also puts a big onus on organizations in all sectors to implement systems capable of identifying and tracking any intrusions into their network.
US White House Issues Executive Order to Improve Nation’s Cybersecurity – December 22nd
On December 21st, the U.S. White House issued Executive Order (EO) 14028, "Executive Order on Improving the Nation's Cybersecurity," which emphasized modernizing cybersecurity infrastructure by coding in more secure ways. A more detailed excerpt from the Executive Order stated; "Software engineers, developers, and coders must build secure code and security controls into the code they create. They need to make security by design and security by default software-design requirements."
3,500 Cybercriminals Arrested by Law Enforcement – December 21st
Over 3,500 cybercriminals were arrested and $300M worth of assets were seized by Europol, the South Korean government, along with cooperation from law enforcement agencies from 34 countries on a large-scale sting operation labeled "HAECHI IV". The operation spanning from July to December 2023, targeted predominantly email, e-commerce, and investment cyber fraudsters.
Financial Sector Sees Most Cyberattacks in 2023 – December 20th
Based on a Netwrix survey, the financial sector in 2023 experienced the most cyberattacks among any other sector in 2023. Surveying 1,610 IT and security professionals from more than 100 countries, the survey also revealed phishing and malware to be the most common attacks across all sectors.
‘Predatory Sparrow’ Cyberattack Shuts Down 70% of Iran’s Gas Stations – December 19th
Threat actor group Gonjeshke Darande, which translates to “Predatory Sparrow” claimed the cyberattacks against Iranian petrol stations, rail networks, and steel factories, according to Iranian State Media. 'Predatory Sparrow', speculated to be linked to Israel, explains the attack to be in response to "the aggression of the Islamic Republic and its proxies in the region".
Pope calls for global AI regulation in 2024
The New Year is set to start with a call to regulate artificial intelligence (AI) coming from a man whose views are considered by hundreds of millions of people to be infallible. On New Year’s Day, His Holiness Pope Francis is scheduled to issue a stark warning to the governments of the world on the dangers inherent in AI. On January 1, 2024, His Holiness will announce: “Techno-scientific advances, by making it possible to exercise hitherto unprecedented control over reality, are placing in human hands a vast array of options, including some that may pose a risk to our survival and endanger our common home”. Having warned that AI is a threat not to humanity but to the existence of the Planet Earth itself, His Holiness will then exhort “the global community of nations” to urgently adopt a binding international treaty to regulate not only the use of AI, but also its development.
MongoDB’s Data Breach Confirmed – December 18th
MongoDB revealed a data breach exposing customer metadata and sensitive information in an email announcement to their customers. The email, alerting MongoDB's customers of the cyberattack, also informed customers to be aware of heightened phishing email risk due to the data breach, and to set up multi-factor authentication for their accounts as a phishing safety measure.
Newsquest Media Group Discloses Cyberattack – December 15th
The UK's Newsquest Media Group reported a cyberattack that disrupted the company's websites and apps to the UK National Cyber Security Centre (NCSC) on Monday, December 11th. The UK media company with over 250 local news sites' stated that the series of Distributed Denial-of-Service (DDoS) attacks disrupted the reading experience of an estimated 48 million monthly readers.
The UK is at ‘High Risk’ of Ransomware Attacks – December 14th
The Joint Committee on National Security Strategy (JCNSS) published a report "A hostage to fortune: ransomware and UK National Security," which revealed the UK's lack of planning against ransomware attacks. Targeted mainly at the critical cyber infrastructure of the UK government, the JCNSS report warns that a severe attack could disrupt the core of government services, healthcare, and child protection, which could lead to bringing the country to a 'standstill'.
Ukraine’s Largest Telecom Crippled by Russian Cyberattack – December 13th
Kyivstar, Ukraine's largest telecom provider announced it was hit by a devastating cyberattack, disrupting internet access for over 26 million users. Kyivstar's parent company, VEON Ltd confirmed the devastating cyberattack, claiming it to be “one of the largest cyberattacks in the history of the global telecom market.”
Fraudulent LinkedIn Profiles Targeting Saudi Workers for Corporate Data Leaks – December 12th
Revealed in a presentation at last month's Black Hat Middle East and Africa conference, was a corporate information leak tactic targeting Saudi Arabian workers using fraudulent LinkedIn profiles. The LinkedIn attacks start with fraudulent accounts pretending to be Muslim women in their 20s who say they work in Southeast Asia. Once the connection is made, attempts to harvest sensitive corporate information through long, seemingly legitimate professional conversations ensue.
AutoSpill Attack May Lead to Stolen Android Credentials – December 11th
Researchers from the International Institute of Information Technology (IIIT) presented a new attack named 'AutoSpill' that enables attackers to steal account credentials on Android devices via an autofill operation, during the Black Hat Europe security conference. IIIT researchers pinpointed WebView, the Android feature used to open external links through an internal browser view as the starting point of the security flaw, leaving autofilled usernames and passwords vulnerable.