Cybersecurity news provided by NetworkTigers on Monday, 05 July 2021.
CLAREMONT, CA — Russian state hacker group “Fancy Bear” engaged in widespread, global campaign, tatack on Florida IT firm results in attack on 200 businesses, truck manufacturer’s data leaked online, hacked LimeVPN data for sale on Dark Web, more than half of reported healthcare industry breaches from vendors, Germany dodges cyberattack on banks, data stolen from Las Vegas hospital, LinkedIn breach leaks data for 92% of users, new cybersecurity technology being developed, Kentucky healthcare system exposes patient data, Missouri school district bolsters cybersecurity defenses, FireEye CEO: Rise of crypto currency to blame for rise in ransomware attacks, Graduates greeted with data breach.
Russian state hacker group “Fancy Bear” engaged in widespread, global campaign
As the Solar Winds hack continues to be dissected, it has been doing that Russia’s Unit 26165 of Russia’s GRU military intelligence agency, more widely known as “Fancy Bear,” has been engaged in a long term and far-reaching brute force password guessing campaign. Research has concluded that the group has been attempting to access hundreds of networks the world over using basic but often effective techniques. Read more.
Attack on Florida IT firm results in attack on 200 businesses
According to a report from cybersecurity company Huntress Labs, an attack on Miami-based IT firm Kaseya has resulted in 200 businesses falling victim to ransomware. According to Kaseya’s website, a tool that the company uses to reach into corporate networks across the country has been potentially compromised. The exploit has resulted in what Huntress Labs has referred to as a “colossal and devastating supply chain attack.” Huntress believes that ransomware gang REvil may be the perpetrators of the attack. Read more.
Truck manufacturer’s data leaked online
Navistar International, manufacturer of tractor trucks and military vehicles, has had its data leaked and posted online. The data has appeared on black marketplace Marketo, and the posting occurs less than a month after the company disclosed that it had been the victim of a cyber attack. The data appears to be legitimate, and the appearance of the data does not shed any particular light on how it was obtained. Read more.
Hacked LimeVPN data for sale on Dark Web
A hacker claims to have stolen the entire user database of VPN company LimeVPN, and put the information for sale on RaidForums, a popular marketplace for stolen information. Additionally, the hacker has also allegedly taken LimeVPN’s website offline. Even though LimeVPN is not a major VPN provider, the fact that it has had its database stolen raises concerns that VPN security may not be as robust as many believe. Read more.
More than half of reported healthcare industry breaches from vendors
60% of all reported healthcare industry data breaches so far in 2021 are associated with weak cybersecurity from third party vendors. Nearly 16 million patients have had their personal health information compromised in a breach so far this year as ransomware and other cyberattacks have increased in frequency. Providers are being urged to strictly monitor and vet the security integrity and protocols of third party vendors used to handle sensitive information. Read more.
Germany dodges cyberattack on banks
An allegedly Russian-backed hacker group “Fancy Lazerus” attempted to carry out a cyberattack on Germany’s critical infrastructure and banking institutions. The attack was snuffed out, according to German authorities, before any serious or long-lasting damage was done. The impact was, reportedly, “very minimal.” Speculation leads many to believe that the attack was meant to be an act of vengeance with regard to Germany’s support of sanctions being placed on Russia for their hacking activities. Read more.
Data stolen from Las Vegas hospital
Las Vegas, Nevada’s University Medical Center said that it had sustained a data breach after a ransomware attack was carried out on the health care center by ransomware gang REvil. The gang has posted images of Social Security cards, livenses, and passports from the victims. The hospital is offering complimentary credit and identity monitoring services for those affected. Read more.
LinkedIn breach leaks data for 92% of users
A hacker has apparently misused the official LinkedIn API to download data associated with 700 million LinkedIn users, meaning that more than 92% of the site’s total user base has been affected. The hacker is looking to sell the data on the black market, and the information includes phone numbers, physical addresses, geolocation data, and inferred salaries. A sample of the data has been posted to legitimize the sale and research indicates that the information is both up to date and accurate. A similar breach occurred earlier this year in April, seemingly using the same tactic. Read more.
New cybersecurity technology being developed
Researchers at Columbia Engineering are developing new technology to help enhance cybersecurity amidst the rise in frequency and sophistication of cyberattacks. ZeRO and No-FAT are two new techniques developed that provide strict cybersecurity management and crash protection without the massive drain on system resources that current methods require. This would allow for faster detection of unauthorized activity. Both methods require little change to current programs for implementation. Read more.
Kentucky healthcare system exposes patient data
UofL Health, located in Louisville, Kentucky, is scrambling after accidentally emailing the health information of over 40,000 patients to an address outside of the health system’s network. UofL has said that the recipient of the email has not opened or accessed the data, and has not disclosed the nature of the information exposed. Free identity protection services have been offered to those affected. Read more.
Missouri school district bolsters cybersecurity defenses
Missouri’s Joplin School District is taking a proactive approach to cybersecurity. While so many other schools across the nation have fallen victim to ransomware attacks and security breaches, Joplin’s board has approved nearly $200,000 to be put towards detection and response services from Ponderurance MDR. Read more.
FireEye CEO: Rise of crypto currency to blame for rise in ransomware attacks
FireEye CEO Kevin Mandia has stated that he believes the rise in cryptocurrency like BitCoin has aligned directly with the rise in ransomware attacks because criminals feel that they can commit crimes and then be paid anonymously. Others don’t agree with his sentiment, saying that even crypto and blockchain are not completely anonymous and can still leave enough traces for investigators to solve crimes. Read more.
Graduates greeted with data breach
Herff Jones, popular supplier of graduation caps, gowns, and yearbooks has notified the families of an undisclosed number of students that the company suffered a data breach. The Herff Jones is offering credit monitoring services for those affected by the security lapse that resulted in suspicious activity regarding the payment information of customers. Read more.
More cybersecurity news
Read more cybersecurity news and articles brought to you by NetworkTigers.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402