Cybersecurity has never been a dormant field. With the global pandemic affecting nations, cyber-attacks are only rising. While phishing prevention solutions are not 100% effective, they withstand these attacks to a great extent. The following headlines from the past week shall help you judge whether you can still go without good anti-phishing software.
Data Breach Hits Norwegian Cruise Line
Security experts from DynaRisk discovered a database belonging to the Norwegian Cruise Line on the dark web on March 13th. The exposed data included clear text passwords and email addresses of company agents.
The breach exposed the details of 29,969 travel agents on the agents.ncl.eu website, and despite being notified, Norwegian Cruise Line didn’t revert until the fifth day. The attack comes at a time when nations are struggling with Covid 19, and it only adds to the grievances of the affected agents.
The Norwegian Cruise Lines informed that they are taking all measures to ensure protection from phishing attacks and are advising their travel partners to remain vigilant.
Sextortion Scams Back Again
Once again, Raccoon is back to cripple people’s devices. People are advised to stay safe from scams claiming to have nude pictures of your friend’s girlfriend. Once you open such an email and click on the Enable Content button, the malicious payload gets a downloaded device.
All hackers who invest $75/week or $200/month to target login credentials, credit card information, cryptocurrency wallets, and browser information can use Raccoon to attack unpatched browsers and operating systems.
To protect yourself from phishing, ignore all suspicious messages in your Inbox, and refrain from clicking on malicious attachments. It’s better to delete such messages the moment you receive them.
Data Breach At University Of Utah Health
A data breach at the University of Utah Health was discovered last week, which exposed patient information, such as names, dates of birth, medical record numbers, and clinical information about received care. The breach was through some employee email accounts and happened between January 7th and February 21st 2020.
The University of Utah Health is taking all possible anti-phishing protection measures to reinstate the employee’s workstation infected with malware and to investigate further. They believe that no information has been misused and advise patients to review statements received from their healthcare providers.
Data Breach Hits General Electric
Renowned US Company General Electric (GE) recently underwent a data breach that exposed the details of its current and former employees and beneficiaries. The compromised features include their details such as marriage certificates, death certificates, medical child support orders, birth certificates, beneficiary designation forms, tax withholding forms, and other sensitive information such as driver’s license numbers, SSNs, bank account numbers, and passport details.
The attack took place through its service provider Canon Business Process Services (Canon), but the GE systems remain unaffected. While GE is now taking measures to ensure protection against phishing, Canon is giving free identity protection and credit monitoring services to the victims for two years.
Researcher Finds Vulnerability In Tesla Central Touchscreen
Security researcher Nullze recently discovered a denial-of-service (DoS) vulnerability in Tesla Model 3’s Central Touchscreen that could allow hackers to render it unusable. All a hacker needed to do was make the victim visit a specially crafted website, and that would make the central display unresponsive.
The vulnerability was marked as CVE-2020-10558, which disables the speedometer, web browser, climate controls, turn signals, navigation, autopilot notifications, and blinker notifications in addition to other miscellaneous functions from the main screen. Though the central display crashes because of the flaw, you can still drive the work by restarting it.
Tesla is taking anti-phishing measures and has released a patch (Version 2020.4.10) for dealing with the vulnerability.
Failed Hacking Attempt On WHO
Security Researcher Alexander Urbelis from Reuters discovered a hacking and impersonation attempt on the WHO on March 13th from an advanced group of hackers called DarkHotel. The attackers were planning to launch a live attack on the World Health Organization by creating a malicious site mimicking the WHO’s internal email system.
Flavio Aggio, the CISO of WHO, said that hackers attempted stealing passwords from multiple agency staffers but had failed. Amidst the pandemic related concerns, WHO is also taking measures to prevent phishing attacks and even released an alert asking people to stay vigilant of hackers trying to steal money and sensitive information from the public.
Beware Of New Android Banking Trojan
Hackers are not yet done exploiting Covid-19; this time, they are here with a new Android banking Trojan, which cons people into handing over their card details in exchange for information on Covid-19 cases in your locality. But this is the Ginp Trojan, which pretends to be ‘Coronavirus Finder,’ which promises to list down the number of people with Covid-19 in your area.
The trojan needs you to enter your credit card details to deduct a nominal charge of €0.75 for the information it gets you, but once you enter your card details, they do not deduct the requested €0.75. Nor do they send any data. It’s just a tactic to procure card details to steal all your money later. To ensure protection from phishing attempts like this, download apps only from the official Google Play Store and grant permissions to only AV apps.
Web Skimmer On Tupperware Website
The US-based producer of plastic food container products – Tupperware, recently underwent a data breach where hackers placed malicious code on its website to steal payment card details from its online customers. Security firm Malwarebytes discovered the malware on March 20th, but all their attempts at contacting Tupperware failed.
This malware impersonates Tupperware’s official payment form and steals people’s card details every time they make a payment. The details include their names, billing address, telephone number, credit card number, credit card expiry date, and credit card CVV code.
However, this web skimmer or Magecart script can be easily spotted because Tupperware sites run in local languages, whereas this form appears in English. Security experts expect more such attempts on online shopping portals soon and advise all users to take proper phishing attack prevention measures.
TQL Faces $5M Lawsuit
Cincinnati based freight Brokerage Company Total Quality Logistics faces a lawsuit of $5 million for its inability to ensure phishing protection. The data breach occurred on February 23rd and exposed customer and carrier information, which included Tax ID numbers, Bank Account numbers, Social Security numbers, email addresses, phone numbers, first and last names, and TQL customer ID numbers.
A Charles Newman owned trucking company filed a complaint against TQL, calling it guilty of taking customer security too lightly. In their defense, TQL President Kerry Byrne informed that they had sent out breach notifications to all their carriers after the breach and had even advised them to monitor their bank accounts.
Maze Attacks Hammersmith Medicines Research
The Maze ransomware group hit Hammersmith Medicines Research – a medical facility testing coronavirus vaccine. This happened despite their promise not to attack any medical organizations until the Covid 19 pandemic was cured.
The clinical director of Hammersmith Medicines Research, Malcolm Boyce, said that they spotted and repelled the attack on March 14th, without any downtime. But the Maze attackers could exfiltrate patient records in the attack and published these on the dark web. These records included the details of people who participated in testing trials between the last eight to 20 years.