Cybersecurity news provided by NetworkTigers on Monday, 21 March 2022.
SAN MATEO, CA — South Denver Cardiology suffers cyberattack, ASUS routers vulnerable to malware, Russian government websites face powerful cyberattacks, tax season sees usual uptick in fraudulent “IRS” emails, hacked Ukrainian TV station broadcasts fake surrender announcement, Google Play Store swarming with trojans, Israel’s government websites taken down in cyberattack, Ukraine’s “IT army” contains international volunteers, Anonymous hacks Russian security cameras, alleged game cheat codes lead victims to malware, second Toyota supplier is hit with cyberattack.
South Denver Cardiology suffers cyberattack
Colorado’s South Denver Cardiology experienced a cyberattack in January of this year in which more than 287,000 patients had their health data exposed. The organization said that no damage was done to its network or operations, although personal data included Social Security numbers and health information was compromised. No mention of data being exfiltrated has been reported. Read more.
ASUS routers vulnerable to malware
Electronic manufacturer ASUS has issued a warning that a number of routers they produce are vulnerable to Cyclops Blink malware. The malware, linked to Russian hacking group Sandworm, features a new module that specifically targets ASUS routers and can allow threat actors remote access to compromised networks. ASUS has not yet released a firmware update to address this exploit. Read more.
Russian government websites face powerful cyberattacks
Russia’s Ministry of Digital Development and Communications has reported that powerful cyberattacks are disabling government websites in what they are calling an “unprecedented” wave of hacks. A number of official sites have been defaced with anti-war and/or pro-Ukraine messaging. Other sites have faced overwhelming denial of service attacks. Read more.
Tax season sees usual uptick in fraudulent “IRS” emails
The IRS does not communicate via email, but that hasn’t stopped scammers from attempting to trick people into opening malicious links via phishing scams. The Emotet botnet is an especially popular piece of malware that criminals are using to take advantage of those who open attachments that appear to have been sent from the IRS. Last year the Federal Trade Commission reported that around 89,000 people were victimized by scammers impersonating the IRS. Read more.
Hacked Ukrainian TV station broadcasts fake surrender announcement
Ukraine 24, a Ukrainian TV station, has transmitted a fraudulent announcement in which it reported that the country’s President Zelenskyy had surrendered to Russia. The station blamed the broadcast on “enemy hackers” and Zelenskyy quickly took to YouTube to contradict the announcement and say that Ukraine will continue the fight until Russia’s defeat. Read more.
Google Play Store swarming with trojans
The Google Play Store, already a minefield of malware masquerading as legitimate apps and utilities, has seen a recent spike in trojan activity. From photo editing apps to cryptocurrency management tools, threat actors have found a number of ways to hide malicious code within seemingly innocuous programs. One app in particular has been downloaded over 500,000 times. Avoid these apps by reading user reviews and researching the developers. Read more.
Israel’s government websites taken down in cyberattack
A major cyberattack on Monday evening took down a number of Israeli government websites. While Israeli authorities have yet to publicly declare who may be responsible, the actions point towards a state-sponsored campaign and many feel that the attack is a continuation of the back and forth between Israel and Iran as they antagonize one another’s cyberspace. An Iran-linked hacker group has also allegedly taken credit for the attack. Read more.
Ukraine’s “IT army” contains international volunteers
From Switzerland to New York and Lithuania, hundreds of thousands have answered Ukraine’s call for volunteers in the country’s “IT army.” Motivations vary, from disrupting Russian equipment to circumventing censorship laws in order to reach the common people, but all are united by the desire to maintain a free, independent Ukraine in spite of the possibility of becoming a “military target” due to their involvement. Read more.
Anonymous hacks Russian security cameras
Anonymous and its affiliate groups have reportedly hacked into more than 400 CCTV cameras in “deep Russia.” The cameras now display pro-Ukraine messaging. Anonymous states that the cameras have been hacked in order to help communicate the truth about Russia’s aggression to those who live well within the country’s interior, but says it is working on hacking cameras closer to the conflict so that they can possibly be used for “recon.” Read more.
Alleged game cheat codes lead victims to malware
RedLine, a type of malware that is designed to steal information from victims, has been seen being distributed through a campaign that lures people in with the promise of cheat codes for the video game Valorant. The campaign is being propagated via YouTube and users are encouraged not to click on any links that claim to lead to cheats for any game as they can sometimes contain malicious code. Read more.
Second Toyota supplier is hit with cyberattack
Denso, a major supplier for Toyota, was hit with a cyberattack last week. The company, having “promptly responded” to the incident, did not suffer any major disruptions as a result. Denso was seemingly hacked by the group Pandora, who threatened to reveal the company’s trade secrets and proprietary information on the dark web. Read more.
More cybersecurity news
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses, health care and government agencies globally. www.networktigers.com
NetworkTigers provides the latest industry and cybersecurity news in a weekly roundup at news.networktigers.com.