Cybersecurity news provided by NetworkTigers on Monday, 03 May 2021.
SAN MATEO, CA — Homeland Security outlines Russian cybertactics, Israeli security company surveillance devices vulnerable, California clinic suffers data breach, five federal civilian agencies breached by hackers, personal health data of 37,000 Pennsylvanians exposed, University of California student data leaked, cloud infrastructure company discloses data breach but not the vulnerability that led to it, two new phishing scams impersonate Chase Bank, Apple closes security gap that allows unauthorized users full control of computers, cybercriminals threaten to release names of undercover cops, personal information of prominent musicians leaked, Texas oil drilling company Gyrodata suffered ransomware attack.
Homeland Security issues warning about Russian cyberattack tactics
Federal law enforcement and the Department of Homeland Security have issued a warning to U.S. IT companies, government entities, and policy makers regarding the strategies most often used by the Russian Foreign Intelligence Service (SVR) to access data for political gain. The document contains explanations of the methods used as well as recommendations for defending against them and mitigating the risk of an attack.
Hack of surveillance technology could create obstacles for criminal cases and law enforcement
A vulnerability has been discovered in the surveillance devices made by Israeli security company Cellebrite, which law enforcement uses to download information from suspects’ phones. The weakness allows someone to plant code on a phone that can take control of Cellebrite’s hardware and rewrite its data. The vulnerability has the potential to make evidence gained from Cellebrite’s devices unreliable and therefore useless in criminal investigations and trials. Cellebrite has issued an update for its products to address the vulnerability and has also stated that it has not seen an instance where it was used to modify data.
Healthcare clinic suffers data breach
California healthcare clinic St. John’s Well Child and Family Center has reported that it suffered a data breach in February. Data exposed includes current and former patient names, birthdates, contact information, PIN numbers, medical information, and insurance information. The clinic has not yet revealed specifics regarding how the information was exposed or whether human error or malicious actors may be at fault. Affected individuals have been notified and a call center has been set up specifically for issues related to the breach.
Suspected Chinese hackers breach U.S. federal agencies using Pulse Secure VPN vulnerability
A recent report reveals that at least five federal civilian agencies have been breached by hackers. While it is currently thought that the hackers are tied to China, the U.S. government has not made an official statement regarding responsibility for the attack. The hackers gained unauthorized access by exploiting a vulnerability in Pulse Secure VPN. CISA has identified 24 federal civilian agencies that use Pulse Secure VPN, but has not yet made a declaration as to whether or not they too have been compromised.
Contact tracing data breach exposes health data
The personal health information of 37,000 Pennsylvanians has been exposed after a data breach affected Insight Global, contracted to manage contact tracing data with regard to the spread of the coronavirus. The data was found to not be encrypted or otherwise protected by Insight Global, with said information merely shared via Google Sheets. Contact Global is offering those affected credit monitoring services, and its contract with the Pennsylvania state government is expected not to be renewed when it expires at the end of July.
Students’ personal information leaked to dark web
The University of California was one of hundreds of institutions affected by a vulnerability in a piece of third-party software created by Accellion. Recently, students have begun to discover that their personal information, including Social Security numbers and data related to their parents, has been made available on the dark web. UC has offered those affected a 12-month credit monitoring service, but many are arguing that the school is not doing enough to rectify the situation and provide victims with the resources they will need in order to prevent or mitigate the effects of identity theft.
DigitalOcean experiences breach of customer data
Cloud infrastructure company DataOcean has disclosed that it has experienced a breach that exposed customer names and billing addresses. The company said that only 1% of its total customer profiles were accessed without authorization, and it is not revealing the vulnerability that led to the leak, which took place over the span of two weeks this month. DataOcean has assured users that the vulnerability has been fixed.
Fraudsters impersonate Chase Bank
Customers of JPMorgan Chase Bank are being urged to be vigilant, as two new schemes involving fraudsters impersonating the bank have been identified. The phishing scams attempt to obtain login credentials from users via email. One effort is designed to look like a credit card statement, while the other warns the recipient that their account has been locked. Both emails send users to a site asking them for their login information. Both emails closely resemble official correspondence from the bank.
Apple urges update to mitigate paralyzing Mac vulnerability
Apple is recommending that all users update their OS immediately following the disclosure of a vulnerability in the OS that allows malware to sneak past Apple’s typically tight security protocols. While the attack requires convincing a Mac user to download software outside of the App Store, once installed on the computer it allows an unauthorized user full remote control. Apple is confident that the patch closed the security gap, but some malicious activity related to the vulnerability has already been reported.
Cybercriminals threaten to reveal undercover cops in D.C. police department data breach
Cybercriminal group Bubak has attacked the D.C. police department and leaked some of its information onto the internet. The group claims to have stolen 250 GB of data and is threatening to release it all online unless its ransom demand is met. The data is said to contain information related to undercover police informants. The D.C. police department is the third to be attacked in the last six weeks.
Online music marketplace Reverb.com leaks personal info of prominent musicians
5.6 million Reverb.com records containing names, email addresses, mailing addresses, and PayPal email addresses have been found leaked online. Information related to prominent musicians is among the vast stash of user data and includes members of The Smashing Pumpkins, Black Sabbath, and Nine Inch Nails. While the information is not critical, there are warnings that it could be cross-referenced with information gained from other breaches in order to attempt phishing scams.
Major U.S. oil drilling company reveals data leak
Houston, TX-based drilling company Gyrodata has revealed that it suffered a ransomware attack earlier this year, with unauthorized access to its systems beginning in January and continuing through part of February. The data accessed, according to the company’s statement, includes the personal information of both current and former Gyrodata employees, such as “names, addresses, dates of birth, driver’s license numbers, Social Security numbers, passport numbers, W-2 tax forms, and information related to health plan enrollment.” Gyrodata is urging vigilance from its employees and has set up a call center for those affected.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402