Cyber Bites

In a report published today, ESET researchers have outlined the threats and the trends that characterised the second quarter of 2020. Perhaps unsurprisingly, researchers found that Covid-19 themed phishing attacks are alive and well, and continued into Q2, confirming how the coronavirus pandemic has defined this year in cybercrime. ESET researchers also discovered a new cyber espionage toolkit tailored for collecting and exfiltrating sensitive documents from air-gapped systems. Dubbed Ramsay, the toolkit provides a series...

Security firm FireEye released yesterday a report on the activity of filo-Russian disinformation focussed group Ghostwriter. According to FireEye's report, the group seems to have upped its game since it first started operating in 2017, and has now begun hacking the content management systems of news organisations. Generally aimed at undermining NATO, the hacking campaign has been spreading fake news about NATO soldiers spreading coronavirus, a planned invasion of Belarus and US military aggression. Although...

(ISC)² has announced today that it will add Global Knowledge to its portfolio of Official Training Providers for the UK, thus expanding the range of leading training organisations offering (ISC)2 certification preparation training. Global Knowledge will be providing exam preparation training for the full range of (ISC)2 certifications to its UK customer base, delivering pathways to new sectors and audiences, increasing the size of the UK channel presence for (ISC)2 and responding to increased demand and...

The trend of ransomware attacks turning into data breaches continues. Cybercriminals have taken the habit of exfiltrating a company's data before encrypting their databases with ransomware, so as to double up on their profits with the sale of the stolen information. Dussman Group, one of the largest multi-service providers in Germany, is the latest enterprise to have its database of sensitive information exposed due to a ransomware attack hitting one of its subsidiaries, Dresdner Kühlanlagenbau...

According to security firm Recorded Future, Chinese hackers have infiltrated the Vatican's computer network in an apparent espionage effort. This happened ahead of sensitive negotiations with Beijing, which currently recognises five religions, including Catholicism. However, the Communist Party has recently attempted to tighten its control over religious groups, perceived as a threat to the stability of the Party. The New York Times reported that the series of intrusions began in early May. One attack was...

To track levels of diversity and inclusion in the cyber security industry, the National Cyber Security Centre (NCSC) and KPMG UK, supported by Professor Nick Jennings, Vice-Provost (Research and Enterprise) of Imperial College London, have compiled Decrypting Diversity 2020, the first joint report in an annual series aimed at promoting diversity in security teams. A diverse workforce minimises the risk of leaving blind spots. After all, attackers do not come from one single background, so the more...

CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP. All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes. The malware, documented in open-source reports, has infected thousands of devices worldwide with a particularly high number of infections in North America and Europe. Further, once a...

Microsoft Office 365 users are being targeted by a malicious email campaign impersonating an automated SharePoint notification. The fake emails were crafted to mention the name of the targeted organisations and have already reached over 50,000 inboxes, according to email security company Abnormal Security. The messages invited potential victims to click on a link in the body of the message, which would take them to a fake SharePoint landing page. There, through a series of...

US healthcare service National Cardiovascular Partners (NCP) has fallen victim of an email hack that exposed 78,000 cardiovascular patients' data. The data was archived in an Excel spreadsheet, which was accessed by malicious actors back in April. The breach remained undetected until nearly a month late, when NCP responded by securing the compromised email and brought in cybersecurity experts to handle the forensics of the incident. The information exposed included sensitive data such as names,...

LA-based fintech unicorn Dave has confirmed a security compromise that resulted in 7,516,625 user records being exposed. On Saturday, ZDNet reported that it was tipped off by a reader who noticed that a hacker was offering the Dave app's user data on RAID, a hacking forum that has built a reputation for being the go-to place for hackers to leak databases. It appears that attackers were able to access the database through the network of...