Cybersecurity news provided by NetworkTigers on Monday, 17 January 2022.
SAN MATEO, CA — CISA and FBI issue joint cybersecurity advisory pertaining to Russian cyber threats, Ukraine under suspected Russian cyberattack, Russian security reportedly dissolves REvil ransomware group, Pegasus spyware found on Salvadoran journalists’ phones, hacker able to remotely control features on Tesla automobiles, Microsoft issues massive Windows patch to address 97 security flaws, New Mexico cyberattack affects prison, Rhode Island Transit Authority breached due to file stored on employee hard drive, California city suffers data breach, fertility clinic suffers cyberattack, NAP urges users to take NAS devices offline.
CISA and FBI issue joint cybersecurity advisory pertaining to Russian cyber threats
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issues a joint cybersecurity advisory that provides an overview of Russian state-sponsored cyberthreats as they pertain to critical US infrastructure and operations. The advisory goes into detail with regard to the tactics observed by cybercriminals and best practices for both prevention and mitigation of attacks. Read more.
Ukraine under suspected Russian cyberattack
Ukraine, amidst growing tensions with Russia who is demanding that the country not join NATO, has been hit with a cyberattack that has taken down over a dozen government websites. While Ukrainian authorities have not officially cast blame for the attack, the current political climate and the fact that the hacks do not seem to be financially motivated leads most to believe that the attack was, to some degree, directed by Russia. Read more.
Russian security reportedly dissolves REvil ransomware group
Under a formal request from US authorities, Russia’s Federal Security Service (FSB) has reportedly taken down the infamous ransomware gang known as REvil. According to local information, the FSB raided 25 locations and seized assets in the form of cash, cryptocurrency and luxury vehicles. 14 individuals have been charged with crimes and the gang’s infrastructure has reportedly been “neutralized.” Read more.
Pegasus spyware found on Salvadoran journalists’ phones
Independent Salvadoran news site El Faro was found to be targeted with Pegasus spyware, with the NSO-created product found on 22 journalists’ phones. El Faro has largely been at odds with the Salvadoran government and suspects that many of the plans they had made for investigative work were foiled due to having been hacked. Read more.
Hacker able to remotely control features on Tesla automobiles
A German teenager claims that he has been able to remotely control features on 25 Tesla automobiles using a flaw he discovered in a piece of third party software. He reports that he is able to lock and unlock doors, turn headlines on and off and control the car’s sound system among other features. He has reportedly been in contact with both Tesla and the third party software company with regard to his findings. Read more.
Microsoft issues massive Windows patch to address 97 security flaws
Microsoft is intent to start the new year with an effort to put at least some of 2021’s security flaws to rest. The company has issued a patch that addresses and closes 97 vulnerabilities. Some of the fixes are meant to address Log4j vulnerabilities that continue to plague systems as hackers find new ways to leverage the exploit. Windows users are urged to update immediately. Read more.
New Mexico cyberattack affects prison
A January 5th cyberattack on the government systems of Bernalillo County, New Mexico resulted in the county’s Metropolitan Detention Center losing access to its camera feeds, automatic locks and database. The attack has forced jail officials to keep prisoners locked in their cells until services return, resulting in the jail filing an emergency notice with regard to laws that require prisoners to be provided with liberties that involve time out of their cells. Read more.
Rhode Island Transit Authority breached due to file stored on employee hard drive
In August of 2020, the personal data of more than 17,000 state workers associated with the Rhode Island Transit Authority (RIPTA) was exposed to cybercriminals after it was reportedly downloaded to an employee’s hard drive which was then hacked. It is not currently clear how or why the employee downloaded the information, with RIPTA claiming that the data was improperly shared by a third party health insurance provider. Read more.
California city suffers data breach
Gross Valley, California, has reported that the city suffered a data breach that has exposed the data of all city vendors and employees as well as anyone who has provided information to the town’s police department. Information such as Social Security numbers, credit card information, addresses and more has been exposed. The breach is stated to have begun on April 13, 2021 and lasted up until July 1, 2021. Read more.
Fertility clinic suffers cyberattack
Fertility Centers of Illinois suffered a December 27th cyberattack, exposing the sensitive personal and medical information of more than 80,000 patients. The data exposed includes Social Security numbers, names, birth dates, account passwords, PIN numbers and a multitude of other high value information. Reportedly, the attackers used a compromised administrative account to carry out the breach. Read more.
QNAP urges users to take NAS devices offline
Taiwanese manufacturer QNAP is urging users of its network-attached storage (NAS) hardware to disconnect their devices in response to a wave of ransomware and brute-force attacks. QNAP is instructing users to run their device’s Security Counselor program to determine which router ports are at risk. Read more.
More cybersecurity news
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses, health care and government agencies globally. www.networktigers.com
NetworkTigers provides the latest industry and cybersecurity news in a weekly roundup at news.networktigers.com.