News – February 2023

February 28, 2023

Dish Network, one of the largest television providers in the United States, confirmed on Tuesday that a previously disclosed “network outage” was the result of a cybersecurity breach that affected the company’s internal communications systems and customer-facing support sites. Shares dropped over 6% on the news and a double-downgrade from Bank of America. Read more… Source: CNBC News  

February 28, 2023

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key ...

February 28, 2023

The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a “major incident” by officials, impacting a “stand-alone” system (meaning it is not connected to a larger ...

February 28, 2023

An advanced hacking operation dubbed ‘SCARLETEEL’ targets public-facing web apps running in containers to infiltrate cloud services and steal sensitive data. SCARLETEEL was discovered by cybersecurity intelligence firm Sysdig while responding to an incident in one of their customers’ cloud environments. Read more… Source: Bleeping Computer  

February 27, 2023

The RIG Exploit Kit is undergoing its most successful period, attempting roughly 2,000 intrusions daily and succeeding in about 30% of cases, the highest ratio in the service’s long operational history. By exploiting relatively old Internet Explorer vulnerabilities, RIG EK has been seen distributing various malware families, including Dridex, SmokeLoader, and RaccoonStealer. Read more… Source: Bleeping Computer  

February 27, 2023

Starting in June, companies operating in China must undergo a regulatory intervention when sending data abroad, thanks to the Cyberspace Administration of China (CAC). The CAC announced on Friday businesses that handle the personal information of up to 1 million people, or want to send user information of up to 100,000 individuals abroad, will need to ...

February 27, 2023

Ransomware is an ever-growing problem that has wreaked havoc across a multitude of industries, with astronomical ransom demands leaving businesses and infrastructure feeling powerless. From major hospitals to enterprises – no sector was immune from the impact of ransomware’s widespread infiltration in recent years. Trend Micro researchers discussed what triggers threat actors from changing their business ...

February 27, 2023

LastPass revealed more information on a “coordinated second attack,” where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. LastPass disclosed a breach in December where threat actors stole partially encrypted password vault data and customer information. Read more… Source: Bleeping Computer  

February 24, 2023

Today, CISA retired US-CERT and ICS-CERT, integrating CISA’s operational content into a new CISA.gov website that better unifies CISA’s mission. CISA will continue to be responsible for coordinating cybersecurity programs within the U.S. government to protect against malicious cyber activity, including activity related to industrial control systems. In keeping with this responsibility, CISA will continue responding ...

February 24, 2023

Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information accessed, ...

February 24, 2023

The cyber-insurance market, battered by a rash of pandemic-era ransomware attacks, is making a comeback. Price hikes are moderating, new carriers and fresh sources of capital are emerging, and companies can better afford coverage. Cyber-insurance pricing increased 10% from a year earlier in January, a fraction of the 110% annual increase reported in the first quarter ...

February 24, 2023

The Amsterdam cybercrime police team has arrested three men for ransomware activity that generated €2.5 million from extorting small and large organizations in multiple countries. The suspects, all young men aged between 18 and 21, are charged with stealing sensitive data from victim networks and demanding a ransom. It is believed that they attacked thousands of ...

February 23, 2023

A hitherto unknown attack group has been observed targeting a materials research organization in Asia. The group, which Symantec calls Clasiopa, is characterized by a distinct toolset, which includes one piece of custom malware (Backdoor.Atharvan). At present, there is no firm evidence on where Clasiopa is based or whom it acts on behalf. The infection vector ...

February 23, 2023

Produce giant Dole was forced to temporarily shut down its production plants in North America and halt food shipments to grocery stores after being targeted in a cyberattack. The previously unreported hack, which a source familiar with the incident said was ransomware, led some grocery shoppers to complain on Facebook in recent days that store shelves ...

February 23, 2023

Someone on a criminal forum is selling what they claim is data on all Telus employees, as well as the Canadian telecommunications company’s GitHub software code repositories. In response to an IT World Canada reporter’s query about the posting, Telus director of public affairs Richard Gilhooley said the company is looking into the allegation. Read more… Source: IT ...