Below is the most recent news from the cybersecurity world. Companies are constantly being attacked by ransomware.
- Ransomware was used against Australia's Medibank.
A ransomware attack on Medibank, an Australian health insurance company, occurred last week. In 2021, it served 3.7 million clients and employed 4000 people.
The company's CEO expressed regret over the incident and gave assurances that no client data was encrypted during it.
The organization learned about the attack on October 12 and quickly shut down the network system to prevent data loss.
- MyDeal data breach affects 2 million users.
MyDeal, an Australian online retailer, claims that hackers acquired the personal information of 2.2 million consumers and tried to sell it on hacking forums.
Names, phone numbers, dates of birth, residences, and email addresses of customers were revealed. However, they claim that no customer information or account passwords were disclosed.
In the hacking forums, hackers were asking $600 for the data. They sent a screenshot of their compromised accounts as evidence.
- Handshake errors in SSL and TLS were resolved.
SSL and TLS handshakes are started between client and server platforms. When there are problems, impacted users will see SEC_E_ILLEGAL_MESSAGE errors in an application.
Windows Server 2022, 2019, 2016, and so forth are server-side editions, while client-side versions include Windows Server 11, Windows 10, and Windows 8.1.
Temporary patches were created for some Windows versions while Microsoft fixes the vulnerability.
- Hacking attacks on Hong Kong organizations went unreported for a year.
For about a year, organizations in Hong Kong have been penetrated by espionage groups with ties to China. They were making use of the Spyder Loader malware.
This malware lets them explore the system more thoroughly. The researcher also discovered malware that was watching for communications from the C2C server.
- A German newspaper was attacked by ransomware.
On October 14th, Heilbronn Stimme was the target of a ransomware attack. As a result, emails and phone calls stopped working for days. Staff members were therefore instructed to interact via WhatsApp.
The subsidiary businesses Echo, Pressedruck, and RegioMail were also impacted by this attack.
They claim that cybercriminals carried out this attack, although no particular ransom demands were issued. The media company was working to correct this.
- A vulnerability was revealed in Cobalt Strike.
Cobalt Strike, a commercial adversary simulation program, has an RCE flaw. To address this issue, Cobalt Strike’s assistance systems have released an update.
The CVE identifier for this problem is CVE-2022-42948. The ransomware gang took advantage of the cracked version of this program. This vulnerability enables XSS attacks from any threat actors.
The discovery was made on September 20, 2022. This issue can be exploited using the GUI toolkit known as the Java Swing framework.
- A group was detained for hacking wireless key fobs.
31 European members sold software that enables keyless car theft and hacking. The membership is made up of resellers, software developers, and users.
The researcher claimed that tablets, software, and connectors were all included in the offered packages. A total of 22 sites were searched during the raid, and hundreds of blank car keys were taken.
These keys were being sold on a website that has since been removed.
- A fresh strain of Qbot malware targets business users.
Qbot virus, active since September 28, targeted more than 800 corporate users. Since 2009, the spyware known as Qbot has been stealing data.
It has affected almost 1500 users. The United States is the nation that has been targeted the most. 95 out of the 220 targets had business users. Germany follows with 93 users.
The researchers discovered that the Black Basta group had used Qbot to execute a payload. They also discovered that 400 compromised websites were disseminating Qbot malware.
- The Magniber ransomware targeted individuals at home.
Magniber ransomware, disguised as a phony Windows update, attacked Windows home users. The attackers detected bogus antivirus and Windows 10 updates.
The malicious zip file contained JavaScript, which was run when the file was downloaded. According to the reporter, home users received a ransom note demanding $2500 in exchange for their decryption key.
On April 20, 2022, a Windows update revealed it.
- Polish organizations are targeted by the Prestige ransomware.
Prestige malware targeted Poland’s logistics and transportation companies. On October 11, the first sighting occurred.
Even though they still don’t know precisely how many clients have been compromised, they are alerting those who have been impacted.
The researcher thinks there were three possible ways this was done. Additionally, they stated that this outfit has no connections to other active ransomware gangs.