Cyber Round-up for 26th June
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The CLOP ransomware has struck again, this time crippling the operations of Indian conglomerate, Indiabulls Group; the attackers have released screenshots of the stolen data, requesting contact within 24 hours. They have confirmed that more data will be leaked if the ransom is not paid. No one knows when the attack occurred or how much the hackers demanded. The company has not yet responded to any demands, so the attackers leaked all of their data online after not being paid.
Cisco Talos are doing their best to help contribute to the anti-racism movements that have drastically risen over the last few weeks. Although the term blacklist is not specifically discriminatory, the movement is trying to remove the negative connotations surrounding the colour black. There has always been a general idea that white is good and black is bad, and this is used in many different concepts; in an attempt to break this stigma, Cisco are now replacing all mentions of ‘blacklist’ and ‘whitelist’ with ‘block list’ and ‘allow list’.
Twitter has informed its business clients of a data breach that has exposed their personal information. Reports suggest that email addresses, phone numbers, and certain payment card details could have been stolen. There is currently no evidence of billing information being compromised, but the company has since fixed the issue. Twitter have apologised for the breach and advise users to change passwords as a precaution.
A lot of company’s have taken to remote work since the lockdown began; although employing remote users has its benefits, it also introduces new security risks. Sending emails and dealing with critical company information can be risky when working from home, especially when it requires a lot of user interaction. In this situation, the biggest threat is human error, for example: sending critical data to the wrong email address. When working remotely, ensure that you are taking every precaution to keep your company’s data secure; just because you’re at home doesn’t mean you can relax.
A popular video game known as Stalker Online has been hacked, and over one million user passwords have been posted online available for download. The database of passwords was found for sale on a hacking forum at the start of May, which led to an investigation that uncovered the existence of a breach. The database is being sold for several hundred Euros worth of bitcoin, and also includes usernames, email addresses, phone numbers and IP addresses. If you have an account for this game, we highly recommend updating your password as soon as possible.
Vulnerabilities & Updates
As the need for Flash Player slowly disappears, Adobe are urging its users to uninstall the software from their computers. The product is scheduled for end-of-life on December 31, 2020, and we recommend removing it from your machines by this date; keeping out of date software on your computer presents a number of unnecessary security risks. The Flash Player has always been a primary target for hackers, and once it stops receiving updates, it will be an extreme risk to have on your machines.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
We hope this makes for light reading during these times of uncertainty.
Stay Safe, Secure and Healthy!
Edition #97 – 26th June 2020
Why not follow us on social media:
Ironshare – Security Simplified