Cybersecurity News Round-Up: Week of September 26, 2022 – Security Boulevard

Hello and welcome back to the GlobalSign blog! Here’s what’s been happening in cybersecurity.

Business and tech news publisher Fast Company remains offline following a cyberattack on Tuesday evening. The company decided to block access due to “offensive messages” to readers via its Apple News feed. According to Bleeping Computer, the first sign of a breach “occurred on Sunday afternoon when the site’s home page began filling up with stories titled “Hacked by Vinny Troia. [redacted] tongue my [redacted]. Thrax was here.’ ” The story continues that “Members of the Breached hacking community, and the now shut down RaidForums, have a long-standing feud with security researcher Vinny Troia where they commonly deface websites and perform hacks, which they blame on the researcher.”

Meta, which operates Facebook and Instagram, this week revealed it took down “an extensive network of Facebook and Instagram accounts” promoting disinformation. That disinformation was published on more than 60 websites that spoofed multiple legitimate news sites across Europe including Germany, France, Italy, Ukraine, and the U.K. The effort to remove the disinformation began in May. 

TikTok could be on the hook for £27m following news that the UK’s Information Commissioner’s Office (ICO) is none too pleased about breaches of the country’s data protection laws between 2018 and 2020. The most concerning of the ICO findings is that the Chinese social networking giant may have processed the data of children under the age of 13 without “appropriate” parental consent.

Chile’s judicial system was forced to take 150 computers offline earlier this week to stop the spread of the Cryptolocker Trojan virus, which maliciously encrypts files. However authorities there have stressed that court proceedings were mostly unaffected. The Cryptolocker Trojan was injected into its network after a phishing email was opened on Sunday night. 

There was a massive attack last week in Australia at communications giant Optus. A week later, the hacker responsible has removed a customer database from the web. The user ‘Optusdata’ claimed responsibility for the attack on Tuesday, but also announced they deleted the only copy of the stolen data. The hacker also claims they will not sell the data to anyone and apologized to the 10,000 people whose data was leaked. 

A class action lawsuit against electronics giant Samsung was recently filed over two data breaches the company has suffered this year. Two users filed a 43-page complaint with the Federal District Court for the Northern District of California. The lawsuit, which was filed on September 10th, claims the user data Samsung collected was unnecessary and was sold without the proper security protections in place, and because of that, a data breach was the end result. 

Nearly two months after the massive cyber attack at the UK’s National Health Service (NHS) began, the impact of the incident continues. There are still disruptions for appointment check-ins, medical notes and more. 

That’s a wrap for this week. Catch you next week for the latest in cybersecurity news! 

Amy 

Top Global Security News

Bleeping Computer (September 28, 2022) Hacker shares how they allegedly breached Fast Company’s site

Fast Company took its website offline after it was hacked to display stories and push out Apple News notifications containing obscene and racist comments. Today, the hacker shared how they allegedly breached the site.

The site today shows a statement from the company confirming they were hacked on Sunday afternoon, followed by an additional hack on Tuesday evening that allowed threat actors to push out racist notifications to mobile devices via Apple News.

“Company’s content management system was hacked on Tuesday evening. As a result, two obscene and racist push notifications were sent to our followers in Apple News about a minute apart,” reads a statement on Fast Company’s website.

READ MORE 

InfoSecurity (September 27, 2022) Alleged Optus Hacker Apologizes, Deletes Customers’ Exposed Data

The hacker behind last week’s Optus data breach seems to have taken down the database containing customers’ released information.

A user going by ‘optusdata’ and posting on BreachForums claimed responsibility for the attack earlier today and said they had deleted the only copy of the stolen data.

“Too many eyes. We will not [sell] data to anyone. We can’t if we even want to: personally deleted data from drive (Only copy).”

However, the alleged hacker also apologized to 10,000 Australian individuals whose data had been leaked.

READ MORE 

BBC (September 27, 2022) Oxford Health: Cyber attack continues to hit NHS trust’s services

A cyber attack on NHS systems spotted nearly two months ago is still “compromising” the quality of care trusts can provide, a health boss said. Software used for check-ins, notes and the NHS 111 service was affected by the ransomware attack found on 4 August.

The chief executive of Oxford Health Foundation Trust (OH), Nick Broughton, said it has done all it can to maintain services despite the disruption. 

Software provider Advanced said disruption could continue for weeks.

The trust said it initiated an internal critical incident in early August with a full emergency response.

READ MORE 

Databreach Today (September 27, 2022) Chilean Court System Hit With Ransomware Attack

The Chilean judicial system yanked 150 computers offline to stop the spread of a virus that maliciously encrypts files even as authorities stressed that court proceedings were mostly unaffected.

The event is the latest cyber disruption affecting the South American country. The nation’s consumer protection agency was hit by a ransomware attack that started on Aug. 25 (see: Chile Consumer Protection Agency Hit by Ransomware Attack) and just days ago, hundreds of thousands of emails hacked from the military’s Joint Chiefs of Staff were published online.

The judicial system on Monday attributed the spread of the Cryptolocker Trojan inside its network to a phishing email opened on Sunday night. It affected computers operating Windows 7 and loaded with McAfee antivirus, reaching just 1% of court system computers, said court administration official Zvonimir Koporcic. “We are changing the antivirus,” he said.

READ MORE

Bleeping Computer (September 27, 2022) Meta dismantles massive Russian network spoofing Western news sites

Meta says it took down an extensive network of Facebook and Instagram accounts pushing disinformation published on more than 60 websites that spoofed multiple legitimate news sites across Europe.

This influence network mainly targeted Germany, France, Italy, Ukraine, and the U.K., with original articles arguing that Western sanctions on Russia would backfire and criticizing Ukraine and Ukrainian refugees. 

“The operation began in May of this year and centered around a sprawling network of over 60 websites carefully impersonating legitimate websites of news organizations in Europe,” said Meta’s Global Threat Intelligence Lead Ben Nimmo and Threat Disruption Director David Agranovich.

READ MORE

Security Week (September 27, 2022) Samsung Sued Over Recent Data Breaches

Represented by Clarkson Law Firm, two Samsung users have filed a class action lawsuit against the electronics manufacturer over the two data breaches the company has suffered in 2022.

The 43-page complaint filed with the Federal District Court for the Northern District of California claims that Samsung unnecessarily collected user data and then stored and sold it without proper security protections, which led to two back-to-back data breaches.

The lawsuit claims that Samsung intentionally disabled specific functions and features of its electronics products, including TVs and printers, and required users to submit personally identifiable information such as home addresses and dates of birth.

READ MORE 

Infosecurity (September 27, 2022) TikTok Facing £27m UK Regulatory Fine

The UK’s privacy regulator has announced its intention to fine TikTok £27m over breaches of the country’s data protection laws. The Information Commissioner’s Office (ICO) issued the Chinese social networking giant with a “notice of intent” that explains it believes TikTok broke the law between 2018 and 2020.

The ICO’s provisional findings indicate that TikTok may have:

Processed the data of children under the age of 13 without “appropriate” parental consent
Failed to provide information to users “in a concise, transparent and easily understood way”
Processed special category data – which includes ethnic and racial origin, genetic, health and biometric data, and more – without legal grounds to do so

READ MORE 

Other Top Cybersecurity News

Meta Takes Down Russian “Smash-and-Grab” Disinformation Campaign – Infosecurity

Most organizations had a cloud-related security incident in the past year | Cybersecurity Dive

Energy, Finance and Telecoms Corporations Test Their Cyber Mettle – Wall Street Journal PRO (requires subscription)

IRS warns Americans of massive rise in SMS phishing attacks – Bleeping Computer 

The Dire Warnings in the Lapsus$ Hacker Joyride – Wired

What the Securing Open Source Software Act does and what it misses – ZDNet 

Paying the ransom is still the most common response to a ransomware attack – VM Blog 

Hacktivist Attacks Show Ease of Hacking Industrial Control Systems – Security Week 

Payment Systems – What’s on the horizon? – Lexology

New Report on IoT Security – Schneier on Security

Source: https://securityboulevard.com/2022/09/cybersecurity-news-round-up-week-of-september-26-2022/