The target: Virtu Financial, a high-speed trading firm.
The take: 6.9 million USD
The attack vector: Virtu fell victim to a BEC, or Business Email Compromise, scam. The attack began when an executive’s email account was compromised and used to send fraudulent requests to the company’s accounting department, leading to two outgoing wire transfers. The threat actors concealed their internal activity by creating email rules that kept the legitimate owner from realizing the attack was happening. Believing the email requests were real, the accounting department made the transfers. The fraud was discovered two days later by an internal auditing process.
The security of high-profile accounts is paramount to robust cybersecurity, and this attack highlights why high-level employees often draw the greatest attention from outside threat actors. Beyond securing the accounts of employees with this level of access, vetting requests, especially where funds are concerned, is a top priority for vigilant cybersecurity.
ZDNet: Security researchers have uncovered a new Russian-speaking hacking group that they claim has been focusing for the past three years on corporate espionage, targeting companies across the world to steal documents that contain commercial secrets and employee personal data.
The Jerusalem Post: The cyberattack was conducted by an international cyber group called “Lazarus,” an organization that is backed by a foreign country. While the statement did not mention which foreign country was believed to be involved, cyber experts have said after the incident that the perpetrators were most likely linked to North Korea.
Finextra: In court filings unearthed by BankInfoSecurity, Virtu says that its systems were hacked in May, giving the crooks access to the email account of an executive.
Yahoo Finance: Venture capital firm Amadeus Capital Partners is planning to raise three funds with a combined target of about $400 million for tech investments in industries including enterprise software, artificial intelligence and cybersecurity, people with knowledge of the matter said.
Business Computing: The global pandemic has seen a huge rise in people working from home, shopping online, and generally being more digitally connected than ever. There are plenty of good things that have come from this but there is a lot of bad as well. One of the biggest issues is that cyberattacks have skyrocketed during this period, according to MonsterCloud. Cybercriminals have taken this opportunity to up their attacks, both in frequency and scope. Here is what you need to know about the rise in cyberattacks during the COVID-19 pandemic of 2020.
DarkReading: The key commodities prices of oil, grains, sugar, and cotton don't just affect business sectors as they rise and fall with supply and demand: They also drive global trading activity and form the foundation of the world economy. The same applies to cybercrime.
Cyber Defense Magazine: Data is an organization’s most valuable asset, yet data loss is one of the biggest repercussions of a cyber attack. In 2019, more than 15 billion records were exposed in data breaches, amounting to more than $3.5 billion lost to cybercrime.
The target: Avon, a London-based cosmetics firm
The take: 19 million records of Personally Identifiable Information, including full names, phone numbers, dates of birth, and email and home addresses. In addition, 40,000 security tokens, internal logs, account settings, and technical server information were also stolen.
The attack vector: The information was accessed from a wide-open, misconfigured cloud server that had no password protection or encryption. The server, which was publicly accessible on the internet to anyone with its IP address, was up for 9 days before being taken down.
Phishing attacks made possible by the personal information leaked here would be highly effective; however, what’s potentially more damaging is the exposure of the technical details. Possessing this information could lead to attacks that establish full control of Avon’s servers and more. Stored configurations that outline a firm’s technical operation are highly valuable, and their exposure can have severe consequences. When information at this level is compromised, threat actors could take control of nearly every aspect of a company’s data and operations.
Yahoo News: Capital One Financial Corp will pay an $80 million penalty to a U.S. bank regulator after the bank suffered a massive data breach one year ago.