IT Security Newsletter - 01/08/2021
Hacker sells Aurora Cannabis files stolen in Christmas cyberattack
A hacker is selling the data stolen from cannabis giant Aurora Cannabis after breaching their systems on Christmas day. Aurora Cannabis is a Canadian cannabis producer listed on both the Toronto Stock Exchange and the New York Stock Exchange. The company operates numerous cannabis-related medical and consumer brands, including MedRelease, CanniMed, Whistler Medical Marijuana Corp., San Rafael, Daily Special, and Woodstock. READ MORE...
Funke Media Group suffers nationwide ransomware attack in Germany
On December 22, Germany's third largest publisher fell victim to a cyberattack that affected systems in offices all around the country. The Funke Media Group publishes dozens of newspapers, like Berliner Morgenpost, Hamburger Abendblatt, and Bergedorfer Zeitung, as well as magazines, several local radio stations, and online news portals. It reaches over 3 million readers on a daily basis. The impact of the ransomware attack. READ MORE...
FBI Warns Businesses of Egregor Ransomware Attacks
Offered under a Ransomware-as-a-Service (RaaS) business model, the Egregor ransomware poses a great threat to businesses due to the use of double extortion, a recent private industry notification from the Federal Bureau of Investigation warns. Initially observed by the FBI in September 2020, Egregor has claimed more than 150 victims to date, all around the world. Following network compromise, Egregor's operators don't just encrypt victims' files, but also exfiltrate data. READ MORE...
Sealed U.S. court records possibly accessed by SolarWinds attackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds attackers. In related news, SolarWinds has hired former CISA director Chris Krebs and Stanford Uni professor and former Facebook CSO Alex Stamos to help them recover from the hack that lead to compromises of a considerable number of businesses (including FireEye and Microsoft) and US government agencies. READ MORE...
Ryuk ransomware Bitcoin wallets point to $150 million operation
Security researchers following the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million. They found that Ryuk operators primarily use two legitimate cryptocurrency exchanges to cash out the Bitcoin from paying victims as fiat money. Threat intelligence companies Advanced Intelligence and HYAS tracked 61 Bitcoin wallets attributed to the Ryuk malware enterprise. READ MORE...
U.S. Department of State Approves New Cyberspace Security Bureau
United States Secretary of State Mike Pompeo this week approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET). Initially announced in 2019, the CSET Bureau should help the U.S. and its allies better handle expanding foreign cyber-threats. It is also meant as a step toward organizing America's cyberspace and emerging technology security diplomacy. China, Russia, Iran, and North Korea are considered by the United States threats to its national security. READ MORE...
Hackers can clone Google Titan 2FA keys using a side channel in NXP chips
There's wide consensus among security experts that physical two-factor authentication keys provide the most effective protection against account takeovers. Research published today doesn't change that, but it does show how malicious attackers with physical possession of a Google Titan key can clone it. There are some steep hurdles to clear for an attack to be successful. A hacker would first have to steal a target's account password and to also gain covert possession of the physical key. READ MORE...
- ...in 1790, President George Washington delivers the first State of the Union address in New York City.
- ...in 1935, rock singer and cultural icon Elvis Presley is born in Tupelo, MS.
- ...in 1942, English theoretical physicist and author Stephen Hawking is born in Oxford.
- ...in 1947, musician David Robert Jones -- who changed his name to David Bowie to avoid confusion with the Monkees singer -- is born in London.