Cybersecurity news provided by NetworkTigers on Monday, 15 November 2021.
SAN MATEO, CA — FBI email server hacked, fraudulent emails sent, hackers breach Australian water supplier, Pentagon creates Zero Trust Office, Ohio medical center reeling from cyberattack, hackers leak police security footage, Toronto transit system hacked, Microsoft urges Zoho users to patch, U.S. charges Ukrainian national over ransomware attacks, stock trading platform Robinhood attacked with ransomware, Florida laboratory hack affects over 30,000 patients, suspected Chinese spy campaign discovered.
FBI email server hacked, fraudulent emails sent
The FBI, having just last week sent out a notice meant to increase awareness of cyberattacks on financial institutions, has found itself on the receiving end of one. Hackers have apparently breached the organization’s email server in order to send a fraudulent email to thousands of recipients. The mysterious email warned of an imminent cyberattack and went on to absurdly accuse digital investigator and cybersecurity researcher Vinny Troia of being the “threat actor” responsible. No malicious attachments were included in the email, leading experts to believe that the hack was carried out for bragging rights as opposed to state-sponsored disruption.
Hackers breach Australian water supplier
Sunwater, one of Australia’s largest water suppliers, experienced a security breach that lasted nine months, according to a report issued by the Queensland Audit Office. Occurring between August 2020 and May 2021, the breach allowed unauthorized access to Sunwater’s server. The breach did not result in any adverse effects to Australian citizens and the vulnerability has reportedly been patched.
Pentagon creates Zero Trust Office
This December, the U.S. Pentagon will see the opening of a dedicated Zero Trust office as part of the Biden administration’s continued efforts to bolster, modernize and improve the cybersecurity of the country’s federal agencies in the wake of a series of high-profile breaches. Zero Trust is a relatively new cybersecurity trend that requires the segmentation of networks and constant verification in order to prevent unauthorized users from moving laterally within systems once they have breached them.
Ohio medical center reeling from cyberattack
Portsmouth, Ohio’s Southern Ohio Medical Center has been hacked in what the company is calling a “targeted” cyberattack against its servers. The attack has resulted in procedures being rescheduled and ambulances being forced to divert to other hospitals. The attack has not disrupted the care of patients currently in the hospital and authorities are investigating the crime.
Hackers leak police security footage
Footage from police departments in both Dallas, Texas and Atlanta, Georgia has been posted online by Distributed Denial of Secrets, a hacktivist collective with a focus on transparency in law enforcement and far-right groups. The leaked footage reveals police surveillance that features military-grade technology that allows law enforcement to view people behind walls using infrared cameras, as well as high-resolution footage of individuals on the ground taken from police helicopters. Distributed Denial of Secrets says that the footage was submitted by an unnamed source.
Toronto transit system hacked
Last month, the Toronto Transit Commission (TTC) fell victim to a ransomware attack. The TTC has reported that the attack exposed the personal information of more than 25,000 employees, some of whom were no longer working for the organization. The data breached includes home addresses, Social Insurance Numbers and names. The TTC has stated that no misuse of the data has been detected, but is offering individuals free credit monitoring services.
Microsoft urges Zoho users to patch
Users of Microsoft’s Zoho ManageEngine ADSelfService Plus are being urged by the company to immediately patch their software in order to fix a vulnerability that has been leveraged by a Chinese hacking collective known as DEV-0322. The flaw in Zoho allows a remote user to hijack a targeted system, potentially collecting data for purposes of espionage.
U.S. charges Ukrainian national over ransomware attacks
Yaroslav Vasinskyi, a 22-year-old Ukrainian man arrested last month in Poland, is being accused of deploying REvil ransomware against Florida-based company Kaseya earlier this year. The hack affected more than a thousand businesses all over the world. Vasinskyi will join Russian national Yevgeniy Polyanin in being charged with conspiracy to commit fraud and conspiracy to commit money laundering. The charges signal a key development in the Biden administration’s assertion that it will continue to pursue cybercriminals internationally.
Stock trading platform Robinhood attacked with ransomware
Robinhood, a stock trading platform that gained notoriety during GameStop’s stock market turmoil, has reported that it suffered a data breach on November 3rd of this year that has affected 7 million customers. Varying amounts of data associated with the affected users have been compromised, from emails to zip codes and mailing addresses. Robinhood stated that no financial or critical data has been exposed. The company is working with the authorities and is contacting those affected.
Florida laboratory hack affects over 30,000 patients
Nationwide Laboratory Services, a laboratory based in Boca Raton, Florida, suffered a ransomware attack in May that resulted in the exposure of personal data related to over 30,000 patients. According to the company, the attack has not affected all patients and different information was exposed in different individual cases. The lab states that no evidence of the data being misused has been detected.
Suspected Chinese spy campaign discovered
Palo Alto Networks, a cybersecurity firm, has reported that it has uncovered a widespread hacking campaign that has the trademarks of a state-sponsored espionage effort. Hacks across the sectors of defense, healthcare, technology and education contain evidence that links them to Chinese government-backed hacking group Emissary Panda. The hackers have been using a vulnerability within Zoho software. All organizations are urged to update and patch Zoho immediately.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402