SAN MATEO, CA, July 18, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.
- Rhode Island sewer operator hit with cyberattack
- H0lyGh0st ransomware emerges from North Korea
- Cyberattacks targeting journalists on the rise
- Hacks on individuals decrease as criminals focus on businesses
- New “Lilith” ransomware operation launched
- 1.9 million patients exposed in healthcare breach
- Major phishing attack bypasses multi factor authentication
- Phishing scammers impersonate cybersecurity companies
- Major video game publisher attacked with ransomware
- Breach may have exposed 7.7 million LabCorp patients
Rhode Island sewer operator hit with cyberattack
The Narragansett Bay Commission responsible for sewer operations in Providence, Rhode Island has reported that it has been the victim of a cyberattack. The nature of the hack was not disclosed, although a spokesperson said that data had been “encrypted” in the incident which implies that ransomware was involved. The systems affected do not control sewer operations and there was no disruption to services. Read more.
H0lyGh0st ransomware emerges from North Korea
Microsoft has determined that instances of ransomware called H0lyGh0st, having just emerged within the last year, are tied to North Korean state hackers. Using double extortion tactics, the hackers seek finances for the North Korean government in the form of Bitcoin. H0lyGh0st hackers claim to legitimize their actions by drawing attention to targeted victims’ security lapses. Read more.
Cyberattacks targeting journalists on the rise
Researchers at ProofPoint have found that APT groups are focusing heavily on hacking journalists, in some cases impersonating media outlets to gain access to sensitive information. The attacks saw an increase during the 2021 US election. Researchers have noted that the major purveyors of this type of espionage, thus far, are hackers based in China and Iran. Read more.
Hacks on individuals decrease as criminals focus on businesses
According to data from the Identity Theft Research Center (ITRC), hacks that target individuals have decreased by around 45% compared to the first half of 2021. Researchers believe this is because hackers have shifted their focus to businesses via supply chain hacks and email compromises. The ITRC, however, notes that the data may not entirely represent current trends and some breach details go unreported. Read more.
New “Lilith” ransomware operation launched
“Lilith” is the name given to a ransomware operation that just recently made itself known. Lilith takes the form of double extortion ransomware, a growing trend among cybercriminals who need to increase the pressure on their victims. The outfit’s first target was a major South American construction company. Read more.
1.9 million patients exposed in healthcare breach
Professional Finance, a third party bill collector in the healthcare industry, has suffered a ransomware attack that has resulted in the exposure of the personal information of 1.9 million people. The hack has affected patients from a wide range of health service organizations from doctors to dentists, most of them in the southwest US. Read more.
Major phishing attack bypasses multi factor authentication
A newly discovered phishing campaign is dependent on adversary in the middle (AiTM) phishing sites that allow hackers to steal passwords and session cookies. The scam, uncovered by Microsoft researchers, is believed to have been active since September of 2021. The use of AiTM sites is becoming a popular tactic used by hackers to get around the use of multi factor authentication. Read more.
Phishing scammers impersonate cybersecurity companies
A new trend in which scammers are impersonating cybersecurity firms has emerged. While phishing scams typically depend on links to malicious websites embedded in an email, these “callback” campaigns actually include a phone number that a victim is said to have to call to cancel a subscription or discuss some other issue. The caller is then told to download remote access software. Read more.
Major video game publisher attacked with ransomware
Bandai Namco, a major video game publisher best known for owning the rights to Pac-Man, has been hacked. According to a tweet from vx-underground, a group that monitors malware source code, the company has suffered a ransomware attack at the hands of the BlackCat hacker gang. The attack follows the recent trend of video game publishers and hardware manufacturers finding themselves targeted. Read more.
Breach may have exposed 7.7 million LabCorp patients
The American Medical Collection Agency, a third party company tasked with billing collections for Quest Diagnostics, recently reported that it had suffered a breach that may have exposed data belonging to more than 11 million patients. It is believed that 7.7 million LabCorp patients may have also had their information, such as addresses, first and last names, birthdates, phone numbers and more, leaked in the exposure. Read more.