Cyber Bites

The Office of the Washington State Auditor (SAO) has experienced a data breach which has resulted in the exposure of 1.6 million employment claims, and the sensitive personal information that they contain. The Washington SAO revealed that a threat actor had exploited a vulnerability in Accellion, a secure file transfer service that helps organisations share sensitive documents with outside users in a secure way. The breach has unfortunately exposed data files from the Employment Security...

The U.S. Federal Trade Commission (FTC) said today that the number of identity theft reports has doubled during 2020 when compared to 2019, reaching a record 1.4 million reports within a single year. The FTC claimed that: "After the government expanded unemployment benefits to people left jobless by the pandemic, cybercriminals filed unemployment claims using other people’s personal information." Throughout 2020, the FTC received 394,280 reports of government benefit fraud attempts, while in 2019 this number...

Ransomware gangs are exploiting the VMWare ESXi product to encrypt the virtual hard drives found in virtual machines. These attacks were first seen in October 2020, and have been linked to a criminal group that deployed the RansomExx ransomware. Evidence from multiple security researchers suggests that the hackers used CVE-2019-5544 and CVE-2020-3992. These are found in VMware ESXi, a hypervisor solution that allows multiple virutal machines to share hard drive storage. These bugs impact the...

Greek police are planning to introduce new devices into their force in order to allow real-time fingerprint scanning and facial recognition to help verify citizens identities. The introduction of this technology is part of Greece's 4.5 million euro 'Smart Policing' initiative. The 'Smart Policing' project began in 2017 and aims to improve the identification process of citizens who are stopped by police. At the moment, if a Greek citizen is unable to provide identification documents...

The flaw was discovered on January 28th by Travis Ormandy of Project Zero, which is a security research unti within Google. It was found in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software, and potentially allowed attackers to write arbitrary data to the target machine. This is a severe vulnerability, which could lead to remote code execution. Fortunately, no other version of Libcgrypt seem to be affected by the vulnerability and GnuPG addressed the weakness almost...

The UKRI announced this week that it feel victim to a cyberattack, which resulted in "data being encrypted by a third party.” Details are scarce, and it has not been reported who was behind the attack. The incident has been reported to the National Crime Agency, the National Cyber Security Centre and Information Commissioner's Office. The attackers encrypted data and impacted two of the UKRI's services. The first was a portal for the UK Research...

Myanmar has been experiencing phone and internet service disruptions as the country faces a possible military coup. Data from NetBlocks Internet Observatory, a UK internet monitoring group, found that the service disruption are impacting a number of both local and international service providers such as Telenor and Myanma Posts and Telecommunications (MPT). NetBlocks Internet Observatory who specialise in the internet monitoring of digital rights, cybersecurity, and internet governance mapped Myanmar's IP address space in real-time...

Florida Healthy Kids Corp, a children Medicaid health plan based in Tallahassee has discovered that it has been victim to a 7-year data breach. The health plan was first notified of the breach on 9th December 2020 and soon after launched an investigation into it. During the investigation, they found that there had been "significant vulnerabilities" in their website and databases which support the online children health insurance application since 2013. The vulnerabilities in their...

USCellular has suffered a data breach due to hackers gaining access to their CRM. Once the hackers infiltrated the CRM they were then able to view customers' accounts and personal data. USCellular stated in a data breach notification filed to the attorney general's office in Vermont, that the retail store's employees were victims of a phishing attack which tricked them into downloading software onto company computers. Once the software was installed it allowed the attackers...

A report published by Neustar, Inc., titled 'Cyber Threats and Trends: Pandemic Style', outlines any security risks companies were faced with throughout the COVID-19 pandemic. The report found a 154% increase in the number of cyber attacks between the years 2019 and 2020. There was particular growth in ransom related DDoS (RDDoS) attacks with a rise in the use of existing attack vectors, which also included web applications. RDDoS are not a new phenomenon, however...