Cybersecurity news provided by NetworkTigers on Monday, 18 October 2021.
SAN MATEO, CA — Google reports increase in state-backed hacking, Acer hacked for the second time this year, NFT marketplace had flaw that allowed hackers to steal crypto, Adobe updates security of multiple products, Microsoft releases multiple critical security updates, BBB provides tips for preventing fraud during holiday season, more than 90% of firms experienced supply chain breaches in 2021, Oregon optometry group suffers data breach, ransomware gang becoming more active in Europe, Australian healthcare firm hacked.
Google reports increase in state-backed hacking
Google reports that in 2021 it has sent out over 50,000 warnings to its users that they had been targeted by phishing or scam attempts perpetrated by state-sponsored hackers. Google says that this is a one third increase compared to data from the same period of time last year and attributes much of the activity to Russian-based hacking group FancyBear. The report, however, focuses on Iranian-backed hacking group APT35, also known as “Charming Kitten.” Read more.
Acer hacked for the second time this year
For the second time this year, Taiwanese computer manufacturer Acer has fallen victim to a cyberattack. A hacker group called “Desorden” is claiming responsibility for the attack, stating that they have stolen over 60 GB of the company’s data associated with 10,000 of their customers. The system attack is located in India, and Acer says that the incident is not affecting their regular operations. Read more.
NFT marketplace had flaw that allowed hackers to steal crypto
Researchers have discovered that OpenSea, the internet’s largest NFT marketplace, contained a critical flaw that may have allowed bad actors access to others’ currency with the use of a specially designed token. A novel manner in which to inject an unsuspecting victim with malware, this vulnerability highlights the need for cybersecurity measures to keep pace with the quickly evolving world of crypto. Read more.
Adobe updates security of multiple products
Adobe has recently released critical updates that close vulnerabilities that unauthorized users could take advantage of in order to take control of a targeted system. Affected products include Acrobat and Reader, Connect, Reader Mobile and more. CISA and Adobe encourage users to apply any updates immediately. Read more.
Microsoft releases multiple critical security updates
Microsoft has released patches across multiple products intended to fix zero-day vulnerabilities and other security weaknesses. The company is urging all users of their software to update immediately, as one of these vulnerabilities has already been exploited and research suggests that efforts to penetrate through the others has been ongoing. Read more.
BBB provides tips for preventing fraud during holiday season
As experts expect cases of online fraud and cybercrime to escalate through the holiday season, the Better Business Bureau has released a list of tips for both consumers and business owners alike to help protect themselves. With the increase in online shopping over the last year due to the pandemic has come a dramatic increase in e-commerce fraud, phishing scams and credit card theft. Read more.
More than 90% of firms experienced supply chain breaches in 2021
According to a report compiled by BlueVoyant, 93% of global organizations experienced a data breach directly related to vulnerabilities in the third parties that make up their supply chains. The data shows a 37% increase in occurrences compared to last year’s information. The increase highlights the need for companies to invest fully in more robust cybersecurity protocols when it comes to third party involvement in their operations. Read more.
Oregon optometry group suffers data breach
Oregon Eye Specialists, a network of six optometry offices throughout Portland, Oregon, has reported that it has suffered a data breach after experiencing unauthorized activity on their internal email accounts. Patient data including medical record numbers, birth dates, health insurance policy numbers and more is said to have been exposed. The breach occurred between June 29th and August 31st, 2021. Read more.
Ransomware gang becoming more active in Europe
FIN12, a well-established ransomware gang thought to be based in Russia, has largely focused on healthcare sector targets in North America since their inception in 2018. However, new activity from the group shows that they have been rapidly expanding into targets in Europe. The group uses Ryuk ransomware to engage in extortion schemes that focus on companies with a value of $300 million or more. Read more.
Australian healthcare firm hacked
Macquarie Health Corporation, an Australian healthcare firm, has confirmed that it has been the victim of a cyberattack that was carried out against the company last week. The hackers have claimed to have stolen 225 GB of data including medical and legal documents as well as passwords associated with PayPal, Amazon and Facebook. The data has been posted for sale on the dark web. Read more.
More cybersecurity news
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402