Cybersecurity news provided by NetworkTigers on Monday, 6 December 2021.
SAN MATEO, CA — Printers hacked to deliver pro-labor rights messages, NSO spyware used on US State Department employees, phishing scammers capitalize on Omicron coronavirus anxiety, Double extortion ransomware attacks increase by 935%, os Angeles Planned Parenthood hit with ransomware, DNA testing firm breached, new “Sabbath” ransomware operation discovered, Panasonic hacked, criminals using Google Cloud accounts to mine crypto, 9.3 million Android users have downloaded “Trojanized” games.
Printers hacked to deliver pro-labor rights messages
Reports of receipt printers delivering pro-labor rights statements to offices around the US have been appearing on Reddit’s anti-work subreddit. The printers have seemingly been hijacked by a currently unknown hacktivist individual or group in an effort to distribute the messaging indiscriminately, with no particular company or printer being in the crosshairs. Thousands of printers are reported to have been targeted. Read more.
NSO spyware used on US State Department employees
NSO’s Pegasus spyware has been found on nine Apple iPhones belonging to employees at the US State Department. NSO, a surveillance software company based in Israel, maintains that it only sells its products to government and law enforcement agencies and has reportedly canceled access to those associated with the State Department users. The Biden administration has recently condemned the NSO citing the abuse of their products. Read more.
Phishing scammers capitalize on Omicron coronavirus anxiety
Online scammers, in response to anxiety over the Omicron variant of COVID-19, have initiated phishing campaigns that warn victims that they require new tests in order to determine if they have been infected by the virus. The emails ask users to click a link that directs them to a fake NHS site and proceeds to ask them to enter personal information, as well as their mother’s maiden name. The site also asks for a payment, which is believed to allow the scammers access to financial information. Read more.
Double extortion ransomware attacks increase by 935%
From the latter half of 2020 through the first half of 2021, research detailed in Group-IB’s Hi-Tech Crime Trends 2021/2022 has indicated that double extortion ransomware attacks have increased by an astounding 935%. Researchers say that the prevalence of vendors providing ransomware-as-a-service has contributed to the rise in attacks and extortion attempts, with many victims finding their data posted online in spite of having paid a ransom to salvage it. Read more.
Los Angeles Planned Parenthood hit with ransomware
Between October 9 and October 17, a hacker had accessed Los Angeles California’s Planned Parenthood and installed malicious software that allowed them to steal information related to 400,000 patients. The data stolen includes names, addresses, medical information such as prescriptions and procedures and more. According to a spokesperson for the center, the unauthorized user initiated a ransomware attack against the organization. It is not currently known if the ransom was paid. Read more.
DNA testing firm breached
Ohio’s DNA Diagnostics Center has suffered a data breach between May 24 and July 28, 2021. The hack has exposed sensitive information such as credit card, debit card, CCV and financial account numbers as well as website passwords and full names. According to the company, the compromised database is related to backup data from 2004 to 2012 and is not linked to any active systems. Read more.
New “Sabbath” ransomware operation discovered
A new ransomware operation calling themselves “Sabbath” has been detected. The group, believed to have been formed in September before becoming active in October, has been able to fly under the radar thus far due to their size relative to other ransomware gangs as well as their usage of modified techniques that evade some of the typical hallmarks that allow ransomware to be flagged. Experts believe that Sabbath may be the ransomware group Arcane operating under a new name. Read more.
Japanese electronics and tech company Panasonic has reportedly suffered a breach in which an unauthorized third party had gained access to its network. The breach is said to have been active from June 22 up until November 3. However, it was not detected until November 11. Panasonic is currently working with authorities to determine what data was accessed during the breach. Read more.
Criminals using Google Cloud accounts to mine crypto
Hackers have been using Google Cloud Platform to mine cryptocurrency, generate YoutTube Traffic and manage phishing campaigns according to a report from the company’s Cybersecurity Action Team. Most intrusions are attributed to poor password hygiene while others were the result of vulnerable third party applications or leaked credentials. Read more.
9.3 million Android users have downloaded “Trojanized” games
Researchers at security vendor Doctor Web have reported that 9.3 million Android users have downloaded games containing malicious code from AppGallery, the official app store from Huawei Android. The games ask for various permissions from the user. After having granted them permission, most of the apps use the data they have access to in order to run ads. However, some apps are more akin to spyware and siphon off user data that can be leveraged for other means. Read more.
More cybersecurity news
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com