Cyber Bites

The Washington State Department of Licensing (DOL) has closed down their Professional Online Licensing and Regulatory Information System (POLARIS) as a precaution against suspicious activity.  The system stores information regarding license holders and applicant. The information varies but may include Social Security numbers, dates of birth, drivers licence numbers and a range of other personally identifying information (PII). In a statement posted to its website, the DOL announced the detection of suspect activity involving professional and...

DPD Groups' package tracking system has potentially been exploited to access the personally identifiable details of its clients. DPD Group, a parcel delivery service with a global presence that ships around two billion parcels annually worldwide requires customers to track their parcels by entering a parcel code and a post code. Pen Test Partners researchers explored the system, finding that they could try out parcel codes on API calls and retrieve OpenStreetMap addresses with the...

The most consistent data point in the IBM i Marketplace Survey Results over recent years has been the ever-present cybersecurity threat. This year is no exception. The study shows that 62% of organisations consider cybersecurity a number one concern as they plan their IT infrastructure. 22% cite regulations and compliance in their top five. While companies that prioritise security seem to be implementing multiple solutions, it’s still alarming that nearly half of them do not plan to...

The BlackCat ransomware operation, also known as ALPHV has confirmed their former involvement in the notorious BlackMatter/Darkside ransomware operations. BlackCat/ALPHV, launched in November 2021, is a new feature-rich ransomware operation developed, somewhat unusually, in the Rust programming language. The ransomware executable is highly customizable, with different encryption methods and options allowing for attacks on a wide range of corporate environments. The gang calls themselves ALPHV, but security researcher MalwareHunterTeam dubbed the ransomware "BlackCat" after the...

Morley Companies has announced that it was hit with a ransomware attack last year that resulted in the sensitive information of more than 500,000 people being leaked. The organisation provides business services to dozens of Fortune 500 companies. In a press release, the company said the ransomware attack began on August 1 and made their data "unavailable." The company has avoided requests for comment, not explaining why it has waited until now to notify the 521,046...

Hackers stole $4.4 million from the blockchain infrastructure company Meter in a cyberattack on Saturday. The company manages infrastructure allowing smart contracts to scale and travel through heterogonous blockchain networks. Both Meter and Moonriver networks were affected. The company said it manages an infrastructure that allows smart contracts to scale and travel through heterogeneous blockchain networks. The Meter network as well as the Moonriver network were affected by the hack. Blockchain research company PeckShield confirmed that 1391 ETH...

The FBI is asking US businesses to report any uptick in Russian hacking threats -- the latest effort to prepare for potential Russian cyberattacks on US organizations amid Russia's troop buildup on Ukraine's border, CNN reported this week. "Have you identified any efforts by known or suspected Russian to test exploitation capabilities, develop new malware or otherwise prepare for cyber operations?" the FBI asked in a January 21 request for information to US businesses obtained by CNN....

Attacks linked to a Chinese threat actor have exploited a Zimbra's zero-day vulnerability and are stealing emails linked to European government and media. Researchers say that at the time of writing the exploit has no available patch. Zimbra says that more than 200,000 businesses from over 140 countries are using its software, including over 1,000 government and financial organizations. The vulnerability allows attackers to perform a number of malicious actions. These include exfiltrating cookies to...

Employees and executives from the top 20 pharma companies on the Fortune 500 list have had their credentials exposed, new research suggests. Constella Intelligence identified 9,030 breaches/leakages and 4,549,871 exposed records—including attributes like email addresses, passwords, phone numbers, addresses, and even credit card and banking information—related to employee corporate credentials from the companies analysed. The circulation and proliferation of this data provides threat actors with the resources necessary for a range of cyberattacks and paves the...

The Department of Homeland Security has announced a new Cyber Safety Review Board bringing together cybersecurity experts from public and private organizations to "review and assess significant cybersecurity events." The board was part of the executive order that President Joe Biden signed last year. Experts have long called for a federal organisation for cybersecurity incidents similar to the National Transportation Safety Board, which investigates airplane crashes and transportation incidents.  Alejandro Mayorkas, Homeland Security secretary, said...