Protection from phishing attacks is never fully guaranteed. One may have the best measures in place, and yet a malware still manages to make its way into our systems. Hence, keeping abreast of the latest news in cybersecurity is essential. Here is the list of the major headlines of this past week from the cyber world
Data Breach At Frost & Sullivan
The US-based business consulting firm, Frost & Sullivan, recently underwent a data breach that has affected over 12000 of its customers and employees. The breach happened through an unprotected backup folder on one of the firm’s public servers.
KelvinSecurity Team has now put up the breach records on a hacker forum for sale. More than 6,000 customer records and 6,146 records for companies are available online. The details up for auction include client name, email address, and company contact for customers. In contrast, it contains first and last names, login names, email addresses, and hashed passwords for employees.
Frost & Sullivan is taking measures to ensure protection against phishing and have already secured the database. They believe that the threat factor no longer remains.
DDoSecrets Leaks 296GB US US Police Data
Last Friday, the hacker group Distributed Denial of Secrets (DDoSecrets) released a database with 296 GB of data belonging to US US law enforcement agencies and fusion centers. They said that they attained the data through the hacktivist group Anonymous.
The data was published under the name of BlueLeaks and contained Police and FBI reports from the last ten years.
The leak isn’t surprising as Anonymous had forewarned such attacks, and no phishing prevention measures have ever been able to contain this infamous hacker group. Over a million scanned documents, videos, emails, and audio files have been compromised in this attack from across the U.S U.S.
No Attack On COVID Tests: Claims Indonesian Govt.
An adversary has put up the medical records of 230,000 Indonesians on RaidForums and proposes to sell the entire batch for $300. But the Indonesian government and the Communication and Information Technology Ministry has consistently denied the hacker’s claims.
They investigated the matter together with the National Cyber Encryption Agency and declared on June 21st that required anti-phishing solutions have been incorporated. The hacker claimed to have compromised the names, addresses, contact numbers, age, nationality, and medical records of all those who took the COVID 19 test in Bali.
Twitter Suspends DDoSecrets Account
In line with the massive attack on US US Law Enforcement by the hacker group Distributed Denial of Secrets, Twitter has suspended the official DDoSecrets account. Twitter has been slow to take anti-phishing measures even in the past when hacker groups such as Guccifer 2.0 and TheDarkOverload used its platform to disseminate hacked data.
But now Twitter has permanently suspended the @DDoSecrets Twitter account for breach of its policy. However, these stolen files continue to be active on the DDoSecrets website. The only good outcome of Twitter’s action is that further sharing of the leaked US US police files on Twitter shall no longer be possible.
Beware Of CryptoCore Attacks
Eastern Europe based hacker group CryptoCore that has been targeting cryptocurrency exchanges for the past 3-4 years has stolen an approximate $200 million so far. The hacker group has been consistently launching a similar type of attacks with minor variations
CryptoCare is known for its spear-phishing attacks that target individuals more than companies as individuals are more unlikely to have spear phishing solutions incorporated. They impersonate high-ranking employees and then send out emails to the organizations associated with the employee, thereby planting malware on the employee’s device.
Update Google For New Security Features
Google announced the implementation of two new security features recently, which shall enable a user to regulate just how much of their data can Google store and track. These anti-phishing protection features are an addition to Google’s auto delete control that allowed users to delete their Web and App Activity and location history every 3 –18 months. While the existing account holders will have to install an update, new Google accounts will auto-delete activity every 18 months.
The other Google feature is the Incognito Mode, which may not be among the phishing prevention best practices but does keep a check on Google’s activity collection.
Stalker Online Accounts Compromised
In a recent data breach, the adversaries compromised the details of more than 1.3 million Stalker Online users. These records are now being sold on various dark web forums. The compromised information includes the usernames, passwords, email addresses, phone numbers, and IP addresses of Stalker Online players. Though no financial details were involved in the breach, many cyber attacks can still be conducted using the stolen details.
Stalker Online users are advised to take adequate phishing prevention measures as the attackers have probably sold their account details to multiple buyers on multiple forums.
Chinese Probes On India Increase Significantly
Within a week, Chinese probes on public-private service providers of India have exceeded 40,300. These attacks are speculated to be from China’s Sichuan province, which is also the headquarters of the cyber warfare wing of the People’s Liberation Army of China. However, there is no evidence to determine whether the attacks are from state-sponsored or non-state attackers, but these failed hacking attempts are messages to Indians to be on guard.
Not every gunshot is a misfire; the adversaries might succeed in infiltrating into the service providers’ systems in New Delhi and Mumbai. Experts suggest that anti-phishing services should be prepared for DDoS and Internet Protocol hijack attacks.
Ransomware Hits Indiabulls
The CLOP Ransomware recently attacked the Indian conglomerate Indiabulls Group. CLOP operators are now threatening to release the stolen data if Indiabulls refuses to pay the ransom.
The ransom amount hasn’t been disclosed yet. The adversaries have released a sample of the stolen data on their data leak site, which includes a voucher, a letter, and four spreadsheets related to the Indiabulls Pharmaceuticals and Indiabulls Housing Finance Limited subsidiaries.
Fake COVID Tracing App
The adversaries proved once again that they are ahead of phishing prevention software. They had launched a fake COVID tracing app just days before the Canadian government was about to launch its app COVID Alert.
The fake app impersonates Health Canada and downloads malware onto a user’s device. Users are advised to take phishing protection measures and download apps wisely.