Sunday, May 28, 2023
HomeAll ArticlesCybersecurity news weekly roundup June 13, 2022

Cybersecurity news weekly roundup June 13, 2022

SAN MATEO, CA, June 13, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.

First quarter of 2022 sees phishing attacks at all time high

According to the Anti Phishing Working Group (APWG), phishing attacks in the first quarter of 2022 have reached an all time record having surpasses one million for the first time. March of this year was the worst month yet recorded with more than 384,000 attacks logged. The majority of the attempts targeted financial organizations. Read more.

US water utilities vulnerable to cyberattack

US water utility providers remain underprepared for cyberattacks, according to a statement from the Center on Cyber and Technology Innovation (CCTI) and the Cyberspace Solarium Commission (CSC 2.0). Due to the decentralized nature of facilities that serve small towns, many plants are understaffed and do not have the budgetary means to create a robust defense system. Read more.

Average American has suffered 7 data breaches since 2004

A report from Surfshark reveals that US citizens face a greater number of online threats than the rest of the world with around 15% of all breached users globally being American. Most of these breaches occur as a result of poor password hygiene and a lack of adherence to basic cybersecurity principles. The data shows that the average American has had at least seven instances of their data being breached since 2004. Read more.

Paying after ransomware attack increases likelihood of further hacks

According to Cybereason’s April ransomware survey, victims of ransomware attacks who paid their attackers were often attacked repeatedly as a result. Furthermore, the data shows that often the data returned to the victim is corrupted due to the decryption process. The report shows that nearly 50% of those who paid their attackers fell victim to a subsequent attack within 7-10 days. Read more.

Chinese hackers breach US telecoms

In a joint security advisory, CISA, the FBI and the NSA has reported that state-sponsored Chinese hackers have been hard at work breaching telecom companies to nab credentials and data. The advisory describes how hackers used known vulnerabilities to hack into everything from major networks to unpatched personal routers. The government agencies are urging all to update their systems to the latest software versions and ensure that all patches are installed properly. Read more.

FBI shuts down SSNDOB black market

In a collaboration between the FBI and International authorities, the domain belonging to SSNDOB has been seized. SSNDOB is a popular marketplace for purchasing Social Security numbers and other stolen personal data with Bitcoin. Data for more than 24 million people from the US, as it largely focused on information belonging to American citizens. Much of the data posted on the site was obtained via healthcare breaches. Read more.

2 million people affected in Massachusetts healthcare breach

Massachusetts-based Shields Healthcare Group has reported that is suffered a a breach that has potentially impacted 2 million people. In late March, an individual gained unauthorized access to information including Social Security numbers, full names and a wealth of personal health information. Shields Healthcare Group has over 30 locations in the New England area. Read more.

CISA initiates “More Than A Password” social media campaign

In an effort to increase the implementation of multi-factor identification among the public and businesses, CISA has initiated a social media campaign called “More Than A Password.” The most common password in the US is “12345” and hackers take advantage of lax password hygiene and habits employed by everyone from small business owners and individuals to high level executives and more. Read more.

QBot malware used to push Black Basta ransomware

The Black Basta ransomware gang has teamed up with the purveyors of QBot malware to spread their ransomware through infected systems. Qbot is technically a banking trojan that steals login credentials on Windows systems. However, QBot’s devs have collaborated with a number of ransomware gangs, allowing them to piggyback on the malware, which is usually spread via phishing. Read more.

Bored Ape Yacht Club (BAYC), one of the internet’s leading NFT collectives, has been hacked. The hack was carried out due to a successful phishing attack that impersonated the community’s manager, Boris Vagner, after using his Discord login credentials. Thieves made off with $360,000 worth of Ethereum cryptocurrency. Read more.

Russia’s Ministry of Construction site hacked

Russia’s Ministry of Construction’s website has reportedly been hacked, now leading to a site that says “Glory to Ukraine.” While hacktivist collective Anonymous has declared war against the country’s government in response to the invasion of Ukraine, it is not currently known who is responsible. Russia’s state news agency has relayed information that states that no personal data was stolen in the hack. Read more.

More cybersecurity news

Derek Walborn
Derek Walborn
Derek Walborn is a freelance research-based technical writer. He has worked as a content QA analyst for AT&T and Pernod Ricard.

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You might also like

Stay Connected

Must Read

Related News

Share it with your friends:

Cybersecurity news weekly roundup June 13, 2022