News – May 2023


  • Britain’s largest private pension scheme reveals scale of Capita break-in

    May 12, 2023

    Universities Superannuation Scheme, the UK’s largest private pension provider, says Capita has warned that details of almost half a million members were held on servers accessed during the recent breach. The USS made the disclosure today, saying that it uses Capita technology platform, Hartlink, to manage in-house pension administration processes, and was working closely with the ...

  • Balkans’ biggest drug lords arrested after investigation into encrypted phones

    May 12, 2023

    On 11 May, coordinated raids were carried out in Serbia and the Netherlands, targeting both the cartel’s leadership and distribution infrastructure. Seven other members of this criminal organisation were already arrested in Belgium in 2021. Two individuals were previously arrested for other offences in Serbia and Peru. Another suspect was arrested in the Netherlands on ...

  • Why Microsoft just patched a patch that squashed an under-attack Outlook bug

    May 12, 2023

    Microsoft in March fixed an interesting security hole in Outlook that was exploited by miscreants to leak victims’ Windows credentials. This week the IT giant fixed that fix as part of its monthly Patch Tuesday update. To remind you of the original bug, tracked as CVE-2023-23397: it was possible to send someone an email that included ...

  • CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability

    May 11, 2023

    CISA and FBI have released a joint Cybersecurity Advisory (CSA), Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability (CVE-2023-27350). FBI observed malicious actors exploit CVE-2023-27350 beginning in mid-April 2023 and continuing through the present. In early May 2023, FBI observed a ...

  • Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers

    May 11, 2023

    An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware ESXi servers. SentinelLabs security researchers observed this rising trend after spotting a rapid succession of nine Babuk-based ransomware variants that surfaced between the second half of 2022 and the first half of 2023. Read more… Source: Bleeping Computer  

  • CISA Releases Fifteen Industrial Control Systems Advisories

    May 11, 2023

    CISA released fifteen Industrial Control Systems (ICS) advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-131-01 Siemens Solid Edge ICSA-23-131-02 Siemens SCALANCE W1750D ICSA-23-131-03 Siemens Siveillance Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Food giant Sysco confirms customer data stolen in cyberattack

    May 10, 2023

    Sysco detected the data breach in March but believes the threat actor began their attack in January, with business, employee and personal data stolen. Global food distributor Sysco has said that company data has been stolen as a result of a cyberattack earlier this year. The stolen information is believed to include business, customer, employee and personal ...

  • After a Cyber Attack: Dos and Don’ts for Higher Education IT Staff

    May 10, 2023

    For most colleges and universities, it’s a question of when, not if, they will experience a cyber attack. Here are seven key considerations for handling the aftermath of a breach. There is a treasure trove of sensitive and valuable information in higher education information systems that is tantalizing to hackers of all kinds. With networks that ...

  • US cyber team unearths malware during ‘hunt-forward’ mission in Latvia

    May 10, 2023

    A team of U.S. cyber specialists discovered malware during a three-month deployment to Latvia while scouring digital infrastructure for weaknesses. The so-called hunt-forward operation, conducted by the Cyber National Mission Force, was the second such endeavor in the former Soviet state. It wrapped up “recently,” U.S. Cyber Command announced May 10. Read more… Source: Yahoo! News  

  • North Korean hackers breached major hospital in Seoul to steal data

    May 10, 2023

    The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details. The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to ...

  • New phishing-as-a-service tool “Greatness” already seen in the wild

    May 10, 2023

    A previously unreported phishing-as-a-service (PaaS) offering named “Greatness” has been used in several phishing campaigns since at least mid-2022. Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots. Read more… Source: Talos  

  • Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt

    May 10, 2023

    Industrial cybersecurity company Dragos today disclosed what it describes as a “cybersecurity event” after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices. While Dragos states that the threat actors did not breach its network or cybersecurity platform, they got access to the company’s SharePoint cloud service and ...

  • Wiley Edge offers aspiring cyber security professionals ISACA certification

    May 10, 2023

    Emerging talent and reskill training partner, Wiley Edge, will now offer trainees on its Alumni graduate program a path to ISACA certification, giving them the best possible start in their cyber security careers. Protecting organization’s against hacking and other major threats, cyber security is a crucial aspect of any business. Yet despite a global shortage of ...

  • UK man pleads guilty to hijacking Twitter accounts including of Joe Biden and Elon Musk

    May 10, 2023

    A British man has pleaded guilty over his role in schemes to hack the Twitter accounts of celebrities including Joe Biden and Elon Musk, as well as stealing $794,000 in cryptocurrency. Joseph James O’Connor, 23, entered his guilty plea in a New York court after being extradited from Spain on 26 April. Read more… Source: The Guardian  

  • Spanish police dismantle phishing operation linked to crime ring

    May 9, 2023

    The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved in illegal financial operations in Madrid and Seville for alleged bank scams. The cybercrime operation is an email and SMS-based phishing campaign that allegedly scammed over 300,000 people and resulted in confirmed losses of at least ...