Cybersecurity news provided by NetworkTigers on Monday, 13 December 2021.
SAN MATEO, CA — “Log4Shell” flaw possibly the biggest security risk seen in modern computing, Volvo’s R&D info stolen in cyberattack, Brazil’s Ministry of Health attacked, hacker impersonates support agent to access cable company data, hack believed to affect over 1 million devices, allegedly China-sponsored cyberattack nearly cuts power to Australians, hotel chain cyberattack exposes data, locks out guests, Microsoft battles malicious Chinese websites, Maryland Department of Health hacked, Cuba ransomware has already extorted almost $50 million, hackers steal $196 million in crypto breach.
“Log4Shell” flaw possibly the biggest security risk seen in modern computing
A flaw called “Log4Shell” was discovered in a widely used logging tool present in cloud services across all industries. The vulnerability allows an unauthorized user to access networks for spying, data theft, malware infection and more. The exploit is especially dangerous because of its widespread presence and because it can be so easily leveraged by hackers. Companies and organizations are scrambling to patch the flaw as criminals have already begun taking advantage of the vulnerability.
Volvo’s R&D info stolen in cyberattack
Automaker Volvo has reported that a cyberattack has resulted in the theft of a portion of the company’s R&D data. The company states that when unauthorized access to its system was detected, it immediately took action to prevent further snooping. A ransomware group called Snatch has claimed responsibility for the theft and has already posted a portion of the stolen information online.
Brazil’s Ministry of Health attacked
Websites associated with Brazil’s Ministry of Health have been hacked, leaving millions of users unable to access COVID-19 health data and vaccination information. The hack, a ransomware attack by a group called Lapsus$, was carried out on December 10th. The Ministry of Health has not yet made a statement regarding how it intends to solve the issue or mitigate the damage caused by the hack.
Hacker impersonates support agent to access cable company data
Cox Communications, a US cable service provider, has reportedly suffered a data breach due to an individual impersonating a support agent in order to gain access to customer data. The company has said little about how the breach took place, but is urging customers to change their passwords and offering a year of free credit monitoring to those affected. This is the second hack that Cox has sustained this year, although the two appear unrelated.
Hack believed to affect over 1 million devices
Tech giant Google has sued two Russian individuals believed to be behind the Glupteba botnet, a type of malware that can allow unauthorized control over a Windows PC. It is believed that the operation the two were running has infected more than 1 million PCs. Glupteba allows for the theft of personal data and makes it possible for an infected computer to be used to mine cryptocurrency.
Allegedly China-sponsored cyberattack nearly cuts power to Australians
CS Energy’s Queensland-based coal plants were targeted by what is believed to be a China-sponsored cyberattack that came within minutes of cutting off the power to the homes of three million Australian citizens. The power plant IT workers had to act quickly to prevent the attack from spreading to the systems that control the company’s generators. According to those with knowledge of the attack, the hackers were approximately 30 minutes away from cutting the plant’s power output.
Hotel chain cyberattack exposes data, locks out guests
Nordic Choice, a leading Scandinavian hotel chain, has suffered a cyberattack that has reportedly exposed customer data and locked current guests out of their rooms. The incident has forced hotel staff to personally escort guests to their reserved rooms, as many locations’ keycards have not been functional. The chain says that the attackers have not contacted it, and that it has not engaged with the criminals in any way.
Microsoft battles malicious Chinese websites
Microsoft has seized 42 websites from a Chinese hacking group called Nickel. The US-based websites were being used by the group for phishing scams and malware installations used for surveillance and data gathering. A court has turned the websites over to Microsoft and placed a temporary restraining order on the hackers responsible.
Maryland Department of Health hacked
The Maryland Department of Health has had its website taken offline in what appears to have been a ransomware attack against the organization. Reportedly, the site was taken down by the Department itself in an “abundance of caution” after experiencing a “network security incident.” Details of the attack, and of when users can expect the website to return to functionality, are not available at this time. The Maryland Department of Health is currently working with authorities to address the issue.
Cuba ransomware has already extorted almost $50 million
Cuba ransomware, a variant believed to have become active in January of 2020, has already amassed nearly $50 million in extortions since its inception, according to the FBI. Industries targeted by Cuba are typically IT, infrastructure, healthcare and other sectors in which a freeze in service can have devastating effects. The FBI is currently requesting that any organization experiencing ransomware activity report all of their data to the authorities.
Hackers steal $196 million in crypto breach
Bitmart, a cryptocurrency trading platform, has reportedly suffered a breach in which hackers have stolen nearly $200 million worth of crypto. Bitmart has temporarily frozen all withdrawals while it performs security reviews. The company says that, at this point in time, it is not clear how the hackers were able to gain access to the funds that they stole.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com