Cyber Bites

Palantir is a US data firm that has had long-term involvement in the analysis of large amounts of NHS public health data. Open Democracy, an independent global media platform, has taken legal action against the NHS over its contract and involvement with Palantir, also stating that the firm lobbied a top NHS official. Palantir has a history of being targetted by privacy campaigners. The firm has access to vast amounts of private data as it...

Last night the US Federal Reserve suffered a major IT systems outage which stopped all ACH transactions, wire transfers, as well as a number of other services from operating. The system outage affected the majority of electronic service provided by the Federal Reserve Bank. The outage prevented services such as Check 21, Central Bank, Account Services, FedLine Command, National Settlement, FedACH, FedCash, Fedwire Funds, FedLine Advantage, FedLine Direct, FedLine Web, and Fedwire Securities from functioning....

Following the report last month, that multiple Indian government websites were leaking COVID-19 test reports, Sourajeet Majumder has discovered another website exposing millions more. The security researcher shared his findings last week: "I have found an issue in an Indian Government site which is resulting in the leakage of test reports of EVERYONE who took a COVID-19 test in a particular state. These reports have sensitive information about the citizens in them like name, age,...

GCHQ has announced that it has embraced artificial intelligence to uncover patterns in global data to counter misinformation and catch child abusers. Jeremy Fleming, the director of GCHQ stated: “AI, like so many technologies, offers great promise for society, prosperity and security. Its impact on GCHQ is equally profound.” AI allows modern computers to learn to analyse data and find spies or information that the human brain is likely to miss. In a report released...

Researchers have discovered that around 10,000 employee mailboxes at DHL Express and FedEx have been hit by two phishing attacks that sought to extract recipients work email account. A blog post shared by Armorblox this week detailed the attacks. The post explained how there were two different attacks, one which pretended to share shipping details from DHL Express, and another which impersonated a FedEx online document share. The attackers were able to infiltrate the systems...

The Canadian airplane manufacturer has today revealed that it suffered a security breach. In a press release, Bombardier disclosed that some of its data has been published on the dark web portal operated by the Clop ransomware gang: "An initial investigation revealed that an unauthorized party accessed and extracted data by exploiting a vulnerability affecting a third-party file-transfer application, which was running on purpose-built servers isolated from the main Bombardier IT network." In December 2020...

Research has shown that in the past year cyberattackers have increasingly targeted healthcare organisations for deploying ransomware and other cyber-attacks. The annual X-Force Threat Intelligence research was released on Wednesday, which tracks the evolution of new threats, malware development and cyberattacks. The most notable trend was how many threat actors targeted their malicious campaigns at organisations involved in fighting the coronavirus pandemic throughout the last year. In fact, the research suggests that these organisations suffered...

Accellion systems are used to share and store files by as many as 300 organisations all around the world. Recently, they suffered a data breach following an attack linked to the ransomware gangs, Clop and FIN11. Accellion has claimed that less than 100 customers were affected by the attack, including Transport for New South Wales. Transport for New South Wales has confirmed that data was stolen, saying "before the attack on Accellion servers was interrupted,...

Sequoia Capital, one of the most famous venture capital firms in Silicon Valley announced that it suffered a data breach. The firm officially referred to it as a "cybersecurity incident", in which investor data, including personal information, was likely stolen. The attack vector is alleged to have been a phishing link received by an employee. It is still unclear whether malware or ransomware was involved in the attack, however investors have already been informed of...

Unknown individuals have been impersonating Austin Energy in an attempt to scam customers. The scammers were threatening to cut customers' power unless a fictitious overdue bill was paid immediately. They typically requested reloadable prepaid debit cards or other non-traceable form of payments. As a result, Austin Energy warned: "Scammers are trying to take advantage of our customers in the aftermath of the winter storm," and told customers to be weary of any phone calls received...