European Parliament (Image: Dusan_Cvetanovic, Pixabay)

Russian KillNet Shuts Down EU Parliament Website With DDoS

Akshaya Asokan • November 23, 2022

Pro-Kremlin KillNet hackers took down the website of the European Parliament on Wednesday in a DDoS attack that came just hours after the legislative body declared Russia a terrorist state. The website was still down late in the day as part of a string of hacktivist attacks against allied nations.

Governance & Risk Management

Iranian Hacker Group Uses Log4Shell to Cryptojack US Agency

Latest

Business Continuity Management / Disaster Recovery

Cyber Resilience Minimizes Risks for Digital Services

Brian Pereira • November 25, 2022

Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.

Cybercrime

ISMG Editors: The Rise of Info Stealing Malware

Anna Delaney • November 25, 2022

In the latest weekly update, Information Security Media Group Editors discuss current cybersecurity and privacy issues, including advice on strengthening off-hours defenses during the holiday season, emerging cybercrime trends in 2022, and Palo Alto's first big M&A since early 2021.

Cybercrime

Ontario Teachers’ Data Stolen in Ransomware Attack

Mihir Bagwe • November 25, 2022

A cyberattack on a Canadian teachers’ union gave thieves access to sensitive data of more than 60,000 members The union is yet to disclose the exact number of affected individuals, but stated that both former and current members are impacted.

Cryptocurrency Fraud

Cybercrime Carnage: Cryptocurrency-Targeting Attacks Abound

Mathew J. Schwartz • November 25, 2022

While the cybercrime story for 2022 has yet to be fully written, cryptocurrency theft will no doubt have a starring role. Buoyed by the collective pilfering of billions of dollars' worth of cryptocurrency this year, what's to stop attackers from doubling down in 2023?

Breach Notification

Lorenz Ransomware Alert: Risk to Healthcare, Public Sector

Mathew J. Schwartz • November 24, 2022

Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.

Blockchain & Cryptocurrency

Ransomware Group Zeppelin's Costly Encryption Mistake

Anna Delaney • November 24, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Business Continuity Management / Disaster Recovery

Zeppelin Ransomware Proceeds Punctured by Crypto Workaround

Mathew J. Schwartz • November 24, 2022

As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.

Governance & Risk Management

Tata Power Attack Linked to Bug in Nearly 20-Year-Old Server

Mihir Bagwe • November 23, 2022

Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.

Anti-Phishing, DMARC

Russian Hackers Now Offering Stealer as a Service

Akshaya Asokan • November 23, 2022

Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.

Cyberwarfare / Nation-State Attacks

DOJ Closes Pig-Butchering Domains Tied to Crypto Scams

Prajeet Nair • November 23, 2022

The U.S. government seized seven fake cryptocurrency domains used in a confidence scam based on long-term emotional manipulation of victims that netted criminals more than $10 million. Perpetrators scammed five victims by spoofing the website of the Singapore International Monetary Exchange.

Industry Specific

Healthcare Data Breaches Doubled in 3 Years: Here's Why

Marianne Kolbasuk McGee • November 23, 2022

Over 5,000 major health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Experts explain why it's such a dangerous game.

Cybercrime

AxLocker Ransomware Adds a Twist: Stealing Discord Tokens

Mathew J. Schwartz • November 23, 2022

Before the newly spotted AxLocker ransomware crypto-locks systems, it steals Discord tokens, which can be sold on cybercrime markets. Among Discord's many users are cryptocurrency and NFT enthusiasts, and experts say the stolen credentials facilitate attempts to socially engineer them.