Spam and phishing emails, Trojan, and ransomware – the cyber world is roaring with incidents of cyber breaches. The digital workspace has become a battlefield, and to become a better cyber warrior, an organization or individual needs to be abreast of the latest security updates across the globe. Here are the top headlines from the last week in cybersecurity
Fairfax County Public Schools Data Leaked Post Attack
The Fairfax County Public Schools of Virginia, which underwent a Maze attack last month, has now notified parents and employees of a data leak. The adversaries have uploaded all stolen files on the dark web, and there is nothing the district can do about it. The school district has not specified the nature or volume of data affected, but spokesperson Lucy Caldwell says that only a subset of students’ data was affected.
The district is taking necessary measures for protection against phishing. It is continuously working with the Virginia State Police and the FBI to investigate the attack and forward the findings to those affected. It shall also extend free credit-monitoring services to all affected district employees.
3 TB Home Camera Recordings Leaked
Home cameras used to monitor kids and the elderly are now the gateways for the adversaries to pry into your personal life. A recent report indicates that the adversaries hacked thousands of home Internet Protocol (IP) cameras to record live footage of people doing their daily chores. While some were recorded in the act of undressing, using toilets, or breastfeeding, others such as couples and children were seen engaging in their usual errands.
Recorded clips worth 3 TB were then uploaded and sold on explicit and x-rated websites. The hackers also provided lifetime access to these clips for a one-time payment of US$150. While victims of the attack mostly belong to countries like Singapore, Canada, South Korea, and Thailand, this breach serves as a lesson to all people using such surveillance devices to better plan their phishing prevention measures.
Ransomware Hits Seyfarth Shaw LLP
A ransomware attack recently hit the International law firm Seyfarth Shaw LLP which brought down many of its systems. Though the firm was quick to adopt phishing protection measures and shut down its email and other services, the malware could still encrypt some of its data.
So far, there is no evidence of a breach of client or firm data. The company is now working in collaboration with the FBI to investigate the attack and reinstate its systems at the earliest.
Beware Of Amazon Prime Day Scams
Online shoppers heartily await the Amazon Prime Day, and the fear of missing out makes them follow links or believe offers that come to their inbox from unsolicited sources. An analysis by the Fraud prevention company Bolster suggests that thousands of scammers are waiting to con an unaware or heedless user.
These scams appear in various forms, such as a fake Amazon website featuring too-good-to-be-true deals on Kindles, iPhone 11 Pro giveaway games, etc. Users are advised to remain vigilant and adopt phishing prevention tips such as checking email addresses of senders or grammatical errors in the email body. It is always advisable not to shop from links embedded in such random emails or ads online.
Data Breach at Intcomex Releases 1TB Data
Intcomex is a Miami-based provider of value-added solutions and technology products. The company underwent a cyberattack last month, and now the adversaries have released the data stolen from Intcomex on a Russian hacker forum for free. Around 1 TB of Intcomex users’ data has been stolen and is in the process of being leaked in parts, with the first made part available on 14th September and the second on 20th September. The leaked data includes credit card numbers, passport and license scans, personal data, payroll, financial documents, customer databases, employee information, and other sensitive details.
After detecting the attack, Intcomex has been proactively working on its anti-phishing solutions. They have collaborated with third-party cybersecurity experts and law enforcement. The attack hasn’t affected their services, but measures are being taken to inform and assist the affected individuals.
Cyberattack Hits Hackney Council London
London’s Hackney Council was recently hit by a significant cyberattack, which brought down many of its services and IT systems. As a result, some council services are experiencing temporary downtime. Their call center is receiving endless calls as well. Hence the Council has pleaded the public to cooperate as they work with the National Cyber Security Centre, the Ministry of Housing, external experts, communities, and local government to resolve the issue and restore services.
The Council has further notified people that measures from protection from phishing attacks are being taken. More details will be made known as and when they are found.
New Ransomware in Circulation
A new Ransomware-as-a-Service is in circulation among cybercriminals, which goes by the name of Fonix. It is fast spreading and infecting both the 64-bit and 32-bit variants of Windows-based systems.
Despite anti-phishing protection being active, Fonix spreads through general infection vectors like torrent trackers, malvertising campaigns, spam emails, fake software updates, downloads, etc. It uses encryption algorithms like AES, Salsa20, RSA, and Chacha and affects a system in many ways, such as creating a hidden service or disabling the task manager.
Adversaries Exploit Canva for Launching Phishing Attacks
The graphics design platform Canva is the recent target of the adversaries for launching phishing attacks. They have exploited the website to create and host phishing landing pages that try to steal victims’ log-in credentials.
The website allows users to share URLs of their designs of Canva, and it is this hosting facility that the attackers have abused. Cybersecurity firm Cofense discovered this loophole in Canva’s website. Though no anti-phishing measures have been adopted by the website so far, they have consciously removed all malicious files they could detect. But it isn’t a long-term solution to his massive threat factor hovering over the website’s goodwill.
Norway Accuses Russia of Attacking Its Parliament
The parliament of Norway underwent a cyberattack in August this year, and the government is now accusing Russia of having launched the attack. Both countries share a border in the Arctic and have had cordial relations until the annexation of the Crimean peninsula by Russia in 2014.
In 2018 too, Norway had arrested a Russian citizen on the grounds of attacking their parliament to extract information but had to release him later owing to lack of evidence. In the recent breach, they suspect Russia of initiating the attack on the parliament’s email system, although they haven’t disclosed what made them reach that conclusion.