Updated on 2022-12-08: North Korea’s APT37 Hackers Exploited Internet Explorer JScript9 Engine Zero-Day Hackers linked to North Korea have been exploiting a zero-day type-confusion vulnerability in Internet Explorer’s JScript9 engine. Google’s Project Zero detected the vulnerability, which affects Windows 7 through 11 and Windows Server 2008 through 2022 prior to patches Microsoft released in November. …
Cyberattack
Three hospitals in Brooklyn, NY, are facing backlash over a lack of transparency regarding a November 19 cyber incident. Patients and physicians have expressed frustration that three hospitals in the One Brooklyn Health System have not been forthcoming about the cause of the incident. Other area hospitals are concerned that they could fall prey to …
Updated on 2022-12-05 Kaspersky identified a new data wiper, dubbed CryWiper, that was used for destructive attacks against Russia’s mayor’s offices and courts. The malware pretends to be a ransomware. Read more: New CryWiper wiper targets Russian entities masquerading as a ransomware Updated on 2022-12-04: CryWiper Malware Seen on Russian Courts and Mayors’ Office Networks …
Updated on 2022-11-29 IKEA confirmed suffering a cyberattack on its Kuwait and Morocco branches, disrupting several operating systems. The Vice Society ransomware group added the franchises to its leak site. Read more: IKEA investigating cyberattacks on outlets in Kuwait, Morocco Overview: Local IKEA incidents Swedish furniture retailer IKEA confirmed that its local franchises in Kuwait …
Updated on 2022-11-22: Discontinued Boa Web Server Used in Cyberattacks Although Boa web server was discontinued in 2005, it is still being used by vendors in Internet of Things (IoT) devices and software development kits (SDKs). Organizations may be unaware that devices on their networks run services that use Boa. Researchers from Recorded Future published …
Updated on 2022-11-28: European Parliament Website Hit with DDoS The website of the European Parliament (EP) was temporarily taken down last week due to a cyberattack. The attack came just hours after the legislative body passed a resolution calling the Kremlin a “state sponsor of terrorism.” An EP spokesperson said the website was the target …
Updated on 2022-11-30 Healthcare data breaches are getting out of hand, impacting millions of individuals every so often. One such breach at a pediatric health IT software company impacted over two million patients and their sensitive information. In another vein, a China-linked threat actor was found using USB devices for nefarious purposes. We also have …
Updated on 2022-11-24: A really comprehensive Ukraine invasion cyber timeline The National Security Archive at George Washington University has updated its extremely comprehensive timeline (140+ pages so far) of the cyber-related aspects of the war in Ukraine at its Ukraine Cyber Project. It’s not just numbers and dates but also includes brief summaries of articles, …
Updated on 2022-12-21 Sports betting company DraftKings notified 68,000 individuals of a data breach that potentially compromised their personal data, including usernames, passwords, and email addresses. Updated on 2022-12-05: FBI investigating DraftKings credential stuffing incident ESPN is reporting that the FBI is investigating the credential stuffing …
According to an October 2022 report from the US Government Accountability Office (GAO), the country’s “offshore oil and gas infrastructure faces significant and increasing cybersecurity risks in the form of threat actors, vulnerabilities, and potential impacts.” The infrastructure is regulated by the Department of the Interior’s Bureau of Safety and Environmental Enforcement (BSEE). GAO recommends …
Updated on 2022-11-30: Vanuatu’s Government Struggling to Recover from Cyberattack A month after a cyberattack took down Vanuatu’s government servers and websites, officials are still using their private email accounts, their personal laptops, typewriters, and pen and paper to conduct business. Government offices in the outer islands of the South Pacific country are experiencing significant …
Overview: New threat actor A threat actor going by the name of IntelBroker is claiming to have breached several US government agencies and is now running ads on underground hacking forums claiming to sell more than 2 GB of files stolen from the agencies’ networks. While the group has made bold claims, several security researchers …
Updated on 2022-11-24: Zeppelin ransomware flaw exploited to help victims for years Unit 221B, a New Jersey cyber security firm, was able to recover Zeppelin encryption keys by taking advantage of a flaw in the three-step encryption system Zeppelin used. In one of the encryption steps the ransomware temporarily stored a relatively weak 512-bit RSA …
Updated on 2022-11-21: Cyber Partisans hack and disrupt Kremlin censor Belarusian hacktivist group Cyber Partisans has hacked the Russian General Radio Frequency Center (GRFC), a smaller sub-agency that’s part of the Roskomnadzor, the Russian government’s telecommunications watchdog. In Telegram and Twitter posts, the Cyber Partisans said they gained access to the agency’s internal network, from …
Updated on 2022-11-18 A previously unknown ransomware, ARCrypter, was found expanding its foothold from Latin America to China, Canada, the U.S., Germany, and France. Read more: Previously unidentified ARCrypter ransomware expands worldwide Overview: ARCrypter ransomware BlackBerry’s security team has a report on the new ARCrypter ransomware, the strain used in attacks on the Colombian National …