Cybersecurity news provided by NetworkTigers on Monday, 26 July 2021.
SAN MATEO, CA — Olympics could be cyberattack target, Florida’s unemployment website hacked, U.K. gun dealer hacked, NSO Group hack leaks phone numbers of 50,000 spyware victims, Mississippi cancer center experiences data breach, health insurance provider reports app hack attempt, iPhones can be hacked without user clicking link, China fires back against U.S. and cybersecurity allies, security flaw found in Dutch COVID-19 testing system, criminals using malware posing as Marvel’s “Black Widow” movie, International alliance blames China for Microsoft Exchange hack.
Olympics could be cyberattack target
The FBI is warning that the Olympics may be a target for state-sponsored cybercriminals. According to a statement by the FBI, the games are an opportunity for hackers to “sow confusion…and advance ideological goals,” under an international spotlight. The FBI is not currently aware of any specific threats against the Olympics at this time. Read more.
Florida’s unemployment website hacked
The Florida Department of Economic Opportunity has suffered a data breach that has exposed the accounts of 57,000 people. The breach occurred within the department’s CONNECT unemployment benefit system. The department has taken measures to mitigate and limit any disturbances related to the hack and has given those affected access to free credit and identity monitoring services. Read more.
U.K. gun dealer hacked
Guntrader.uk, a leading website used by U.K. residents to purchase rifles and shotguns, has reported that it suffered a security breach. The hack has led to 100,000 customer records being stolen and leaked onto the dark web. The hack has not resulted in any extortion attempts made against the company. Shoppers of the website are being urged to be vigilant regarding any suspicious online activity. Read more.
NSO Group hack leaks phone numbers of 50,000 spyware victims
NSO Group, the Israeli cyberweapons developer behind the Pegasus spyware, has been hacked with a huge amount of data being made available to reporters. NSO Group’s products are used extensively by the world’s authoritarian governments to spy on journalists, human rights advocates and dissidents. Included in the data trove is a list of 50,000 phone numbers associated with those being spied on by NSO Group, leading experts to believe that the organization is offering spyware as a service. Read more.
Mississippi cancer center experiences data breach
Mississippi’s Cancer Center of Greenwood Leflore Hospital has reported that some of its patients’ personal health data has been leaked in a breach involving third party Elektra’s cloud-based storage service. The data leaked includes Social Security numbers, addresses, names and medical information. No credit card or payment data was involved in the breach. The cancer center is taking phone calls for those with questions about their data. Read more.
Health insurance provider reports app hack attempt
Health insurer Humana is reporting that the breach of a third party app targeted Medicare Advantage members and agents. The app is unaffiliated with Humana. There is currently no evidence to suggest that any information was accessed or stolen in the attempt. Read more.
iPhones can be hacked without user clicking link
Amnesty International has reported that Apple iPhones can be hacked without the user ever having clicked a link. The organization has found NSO’s Pegasus malware on a number of phones belonging to journalists and human rights lawyers. The malware can allow unauthorized access to messages, emails and the phone’s microphone and camera. Read more.
China fires back against U.S. and cybersecurity allies
In response to a recent international alliance formed to create a unified front against Chinese state-sponsored cybercrime, Beijing has denied any involvement in the hack of Microsoft Exchange. Additionally, China has pointed the finger back at the U.S. Central Intelligence Agency, saying that it has been the international leader in state-sponsored hacks for the past 11 years. Read more.
Security flaw found in Dutch COVID-19 testing system
In a probe, researchers have discovered that unauthorized users could potentially create fake negative test results in the Dutch CoronaCheck app by editing two lines of leaked code accessible from Testcoronanu, a website associated with the Dutch government. The data leaked on the website also contained personal information of over 60,000 citizens who have taken a COVID-19 test with the company. The government has shut down the website. Read more.
Criminals using malware posing as Marvel’s “Black Widow” movie
Cyber criminals have been attempting to cash in on the popularity of Marvel’s “Black Widow” movie by creating phishing sites that pose as manners in which to view or download the film. The sites actually steal users’ credentials. Malicious files have also been circulating that impersonate the film, but in fact are filled with malware. Read more.
International alliance blames China for Microsoft Exchange hack
An alliance composed of NATO member states, the European Union, Australia, New Zealand and Japan has been created in order to collaborate and join forces against China, who the alliance is publicly blaming for the crippling hack of Microsoft Exchange earlier in the year. It has been determined that Hafnium, the group responsible for the attack, were on the Chinese state’s payroll. The alliance will share intelligence and work jointly to confront Chinese cyber aggression. Read more.
More cybersecurity news
Read more cybersecurity news and articles brought to you by NetworkTigers.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402