Coindesk: In a note to clients, CEO Pascal Gauthier said the French hardware wallet provider fell victim to a large-scale data breach from an unauthorized third party. The hacker, whose identity remains unknown, gained access to Ledger's e-commerce and marketing database.
Kaspersky: Incident analysis by Kaspersky of two cases in Europe and Asia has uncovered that VHD ransomware – first discussed in public in spring 2020 – is owned and operated by Lazarus, a prominent APT group. The move by Lazarus to create and distribute ransomware signifies a change of strategy and indicates a willingness to engage in big game hunting in pursuit of financial gain, which is highly unusual among state-sponsored APT groups.
PoliticsHome: Tom Tugendhat, chair of the foreign affairs select committee, said professional contacts received bizarre fake press releases, while friends and family were sent untrue claims about his private life.
Forbes: Yet again, there has been a major cyber attack, this time of Garmin, the navigation company. It was hit by a ransomware attack on Thursday, leaving customers to wonder whether Garmin will pay $10 Million in ransom. In the case of some hacks, people and companies pay, since the cost of being frozen out can just be too big.
Independent: Releasing a 50-page document earlier this week, the Intelligence and Security Committee (ISC) warned that Moscow’s influence in the UK was the “new normal” and accused successive governments of not wanting to address the issue surrounding the 2016 vote with a “10-foot pole”.
The target: Benefit Recovery Specialists Inc, a Houston-based billing and debt collection vendor.
The take: 275,000 records of Personally Identifiable Information such as: name, date of birth, date of service, provider name, policy identification number, procedure code, and/or diagnosis code. For a small number of the records, Social Security numbers were also leaked.
The attack vector: The attackers accessed BRSI’s systems with stolen employee credentials and used that access to deploy malware internally. While not confirmed by BRSI, experts believe the description of the attack matches that of a successful phishing campaign. BRSI’s IT systems hosted the malware for 10 days before the malicious activity was discovered.
This breach highlights the importance of regular employee training and education around common social engineering attacks. The records exposed in this incident, and similar data held by other medically related vendors, underscore the severity of this type of data exposure, as it can lead to sophisticated identity theft. It is also a critical reminder for companies using third-party vendors that their overall security posture depends on the robustness of every firm that holds their data.
ZDNet: The UK's National Cyber Security Centre has detailed the cyber threats faced by the elite sports industry – and revealed that more than 70% of sports institutions have been the victim of some kind of attempted cyberattack or hacking incident over the past 12 months.
Radio Free Europe: Artem Radchenko, 28, and Oleksandr Ieremenko, 28, acquired inside information on publicly traded companies by stealing test versions of quarterly and annual reports filed with the SEC but not yet available to investors, the Secret Service said in a statement on July 22.
TechCrunch: On the heels of Hippo’s funding round and our exploration of how the private markets appear to be more conservative than public investors at the moment, we’re asking a new question: are a bunch of insurtech startups undervalued?
Financial Times: Fraudsters have cloned the Financial Conduct Authority's website, including a page which encourages firms to register for online invoicing and pay annual fees.