The Target: International Committee of the Red Cross
The Take: Exposure of 515,000 records of personal data and backdoor access to the firm’s IT systems.
The Vector: The threat actors exploited a known software vulnerability in Zoho, a third-party platform that ICRC was using, to execute their malicious code remotely. As Zoho had not patched the vulnerability, the attackers took advantage and penetrated the system, letting them pivot to ICRC’s data.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
CNBC: The conflict has prompted concerns of cyberattacks, especially against critical infrastructure companies. Since last week, Ukraine has already experienced two such attacks that affected government websites. The U.S. attributed the first attack to Russia, which the country denied, and said the second one was consistent with what it would expect from Russia.
CNN Business: The standoff between the United States and Russia over the conflict in Ukraine has so far mainly played out on diplomatic and economic fronts.
Help Net Security: Cyble announced that it has raised a US $10M Series A financing round led by Blackbird, with continued participation from Spider Capital, January Capital, Cendana Capital, and VentureSouq.
Dark Reading: If you knew that putting a lock on your front door would lessen the likelihood of your valuables being stolen, would you install a deadbolt? The logical and simple answer would be: yes.
Financial Post: eSentire, Inc., the Authority in Managed Detection and Response (MDR), today announced it has achieved a valuation greater than US$1 billion, as it raised US$325 million in funding through a binding agreement with Georgian and Caisse de dépôt et placement du Québec (CDPQ).
The Target: The Internet Society or ISOC, a non-profit organization whose mission is to keep the internet open source and secure.
The Take: Exposure of Personally Identifiable Information of 80,000 records including: full names, email addresses, physical mailing addresses, and login information.
The Vector: A third-party vendor misconfigured a database server, leaving it open and accessible by anyone with an internet connection.
It is important to apply all-encompassing credential management, user authentication and validation, as much as possible, to third-party vendors that have access to a firm’s data. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data exposure.
Business Telegraph: Britain’s tech sector continues to break records as new government data shows more than 1,800 cyber security firms generated a total of £10.1 billion in revenue in the most recent financial year, a 14 per cent increase from the previous financial year.
The United States Department of Justice: The Justice Department today announced the selection and appointment of Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET).
Yahoo Finance: The global Cybersecurity market was valued at USD 149.7 Billion in 2020 and is projected to reach USD 346.0 Billion by the year 2027. The market is expected to register a CAGR of 13.4% during the forecast period.
Financial Post: Cloud-based security solutions provider Securonix has raised more than $1 billion in a private fundraising round led by private equity firm Vista Equity Partners, the company said.
The Target: Wormhole, a cryptocurrency online trading platform.
The Take: $322 million in ETH currency.
The Vector: A website vulnerability allowed the attacker to fool the exchange software into releasing a far greater amount of the ETH currency than was specified through a temporary token. By altering the conversion, the hacker was able to withdraw far more than the number they entered.
This breach highlights the importance of locking down input forms on a firm’s website. Be it a name field, email field, or account field, anywhere the user is sending information to the database is a prime target for threat actors. Regular testing for software vulnerabilities is a key component of upholding a robust cybersecurity posture.
BNN Bloomberg: Criminals netted $1.3 billion in ransom payments from hacking victims in the past two years, reflecting a massive surge in cybercrime that has prompted a global effort to stop it, according to a new report from Chainalysis Inc.
Security Week: Over the past several years, ransomware has become the most prevalent threat to organizations in private and public sectors alike, including financial services, food and agriculture, government, healthcare, and other critical infrastructure industries.
SEC: The Securities and Exchange Commission today voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures.
U.S. News: The European Central Bank is preparing banks for a possible Russian-sponsored cyber attack as tensions with Ukraine mount, two people with knowledge of the matter said, as the region braces for the financial fallout of any conflict.
Bleeping Computer: The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack.
U.S. News: Britain's foreign ministry was the target of a serious cyber security incident earlier this year, according to tender documents posted on the government's website.
U.S. News: North Korea is continuing to steal hundreds of millions of dollars from financial institutions and cryptocurrency firms and exchanges, illicit money that is an important source of funding for its nuclear and missile programs, U.N. experts said in a report quoting cyber specialists.
The Target: A New York-based tech company that provides audio, web conferencing, and market research services.
The Take: Exposure of up to 100,000 records of Personally Identifiable Information including: thousands of hours of audio and video meetings, written transcripts between the firm and their clients, employees’ full names and photos.
The Vector: An unsecured Amazon S3 storage server was left open with no credential management, meaning anyone with an internet connection could access the device and retrieve the data.
This breach highlights the critical nature of employing robust practices of credential management, user authentication and validation around all points of access. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data security. The detailed personal information contained in the audio and video files exposes users to highly targeted phishing attacks and fraud.
U.S. News: Russia could use cyberattacks as part of its efforts to destabilise and further invade Ukraine, a White House cyber official visiting her European counterparts said.
Financial Post: Buyout firm KKR & Co Inc is exploring a sale or an initial public offering for Optiv Security Inc, a U.S. cybersecurity solutions distributor and consultant it controls at a valuation of more than $3 billion, including debt, according to people familiar with the matter.
Coin Desk: "So far this morning, 94,643.29 bitcoins ($3.55 billion) have been moved in 23 transactions, from a wallet associated with a theft from Bitfinex in 2016, to a new address," blockchain analytics firm Elliptic said. These originate from a theft suffered by Bitfinex in 2016, the firm added.
Akin Gump: Gary Gensler, Chair of the U.S. Securities and Exchange Commission (SEC), signaled a new era of cybersecurity law (and accompanying enforcement) in his keynote address “Cybersecurity and Securities Laws” on January 24, 2022, at the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute.
Tech Radar: COVID-19 has presented a visceral, public, and clear lesson in risk management and response. This got me thinking about how our responses to the pandemic can inform our responses to cyber risk. What can we learn from our successes and mistakes to reduce the likelihood of a breach?