Every second, 44 cyber attacks are being launched across the world. This terrorizing threat concerns all internet users, and hence keeping abreast of the latest happenings in cybersecurity is imperative for phishing prevention. Following are the top headlines from the past week
Ransomware Hits Magellan Health Inc.
The Fortune 500 Company Magellan Health Inc. detected a ransomware attack on one of its servers recently that compromised personal details of employees. The compromised data includes names, employee IDs, addresses, and W-2 or 1099 tax form details.
To ensure protection against phishing, Magellan Health hired the cybersecurity firm Mandiant immediately. They are also working closely with the FBI. Magellan Health is offering identity theft protection to affected customers.
However, no signs of unauthorized intrusion have been recorded since the ransomware attack.
US Warns Of New Malware
The US government has recently published details of three new malware strains that are allegedly used by state-sponsored North Korean hackers. These new ones come as an addition to Lazarus Group’s other malware samples like Bistromath, Slickshoes, Hoplight, and Electricfish.
To ensure anti-phishing protection, the US govt has released the following information about the three malware strains, namely, Copperhedge, Taintedscribe, and Pebbledash:
Copperhedge is a Remote Access Tool (RAT) designed to run arbitrary commands, perform system reconnaissance, and exfiltrate data. Six versions of Copperhedge are in circulation to attack cryptocurrency exchanges.
Taintedscribe is a Trojan impersonating Microsoft’s Narrator screen reader utility and downloads malicious payloads from a command-and-control server, upload, and execute files, and even create and terminate processes.
Pebbledash, too, is a Trojan that downloads, uploads, deletes, and executes files. It enables Windows CLI access, creates and terminates processes, and performs target system enumeration.
Attack on WA’s Major Daily Newspaper
The adversaries attacked West Australia’s major daily newspaper on March 23, but it was discovered only on April 21. Soon after, an investigation was launched. The hackers were impersonating the administrator of the mailbox and sending out phishing emails to subscribers.
Used for communication between the masthead, its subscribers, and small business distribution partners, the mailbox contains the names, home addresses, phone numbers, and emails of anyone who has contacted The West Australian via the email channel – firstname.lastname@example.org.
The masthead advises all readers to subscribe to anti-phishing services. They have also reported the breach to the Australian Privacy Commissioner.
9.1K Attacks On India In 3 Months
Using the COVID 19 crisis to their benefit, cyber attackers are terrorizing the world. 9100 such attacks have been registered in India between February 2 and May 2, according to a Microsoft executive, Ann Johnson.
Johnson added that India had some phishing protection tools in place. Still, the Coronavirus outbreak had made employees an easy target of phishing attacks.
To protect oneself from phishing, Johnson advises organizations to provide employees with the necessary tools and education.
Data Breach at Bhinneka.com
Reports suggest that the consumer electronics e-commerce platform Bhinneka.com is one of the prime targets of data theft in recent times. Data belonging to over 1.2 million Bhinneka.com users are selling for US$1,200 on the dark market. The hacker group ShinyHunters is behind the breach.
Bhinneka.com is working with the National Cyber and Encryption Agency to ensure protection from phishing. It is also implementing a global data security standard called TUV Rheinland’s Payment Card Industry Data Security Standard (PCI DSS) to protect its customers.
Although the company keeps customer passwords encrypted, they advise people to change their passwords nonetheless.
INTERPOL Proposes Anti-Ransomware Day
The ransomware WannaCry came up in 2017 and had been traumatizing the world ever since it marked its third anniversary on May 12, 2017. The International crime-fighting organization INTERPOL, in collaboration with the cybersecurity firm Kaspersky has declared this day as “Anti-Ransomware Day.”
This Anti-Ransomware Day shall raise awareness on the need to have backups of data and anti-phishing solutions for organizations. Kaspersky’s research reveals that encryptors attacked 767,907 users in 2019. On average, victim organizations lost $1.46m in October 2019 alone.
Since a lot of people remain oblivious of ransomware, the director of INTERPOL Cybercrime Directorate – Craig Jones feels that the Anti-Ransomware Day shall motivate people to maintain cyber hygiene.
Unsafe Android Apps
Security researcher Bob Diachenko from Security Discovery recently uncovered over 4,000 Android apps that are unknowingly compromising sensitive information of users. These apps use Google’s cloud-hosted Firebase to store user data such as email addresses, usernames, passwords, phone numbers, full names, chat messages, and location data.
Vulnerable apps relate to gaming, education, entertainment, and business categories. They have been installed by Android users more than 4.22 billion times. Hence it’s quite probable that an Android user’s privacy has been compromised by at least one of these apps at some point.
Google was notified of these findings on April 22, and it has approached the affected developers to ensure protection from phishing attacks.
Malware Hits Stadler Rail
Switzerland-based railway rolling stock manufacturer Stadler Rail recently underwent a malware attack. The adversaries are now demanding money from Stadler by threatening to publish their stolen data. The company is taking necessary measures to prevent phishing attacks and has engaged an external team to investigate the matter.
Meanwhile, the affected systems are being rebooted, and backup systems remain operational.
Flaws in Thunderbolt
Certain flaws in Intel’s hardware interface Thunderbolt allow Thunderspy to attack a user’s system. The vulnerability exists in all Thunderbolt-equipped devices manufactured before 2019. What makes phishing attack prevention difficult is the fact that no security practices can ensure protection from Thunderspy.
The only way to stop Thunderspy attacks is by disabling Thunderbolt ports from a system manually.
Ransomware Hits Texas Court Systems
The Texas judicial system underwent a ransomware attack recently, which brought down all its websites and legal proceedings. However, there is no evidence of compromise of sensitive information, and emails, too, remain unaffected for the court system.
As an anti-phishing measure, they are now working with law enforcement and the Texas Department of Information Resources to get to the roots of the attack without paying any ransom.