Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Federal Bureau of Investigation has put out a public alert to ask for help in uncovering the members of the infamous cybercrime gang LAPSUS$. It has been documented that LAPSUS$ has now stolen data from Microsoft, NVIDIA, Ubisoft, Samsung, Globant and Okta. Although the FBI is seeking help to identify the members in LAPSUS$ no monetary award has been offered.
By GrahamCluley.com
Mailchimp, an email marketing service, has been the most recent victim of a data breach. The company reported that an unauthorised hacker accessed company data through the use of an “internal tool” used by its customer support and account administration team. It has been reported that around 300 Mailchimp accounts could be compromised, with 102 of these having their audience data stolen. API keys were also stolen in the attack, but Mailchimp has assured customers that these have been disabled and changed, making the stolen keys worthless to the hackers.
By TechCrunch.com
The Works, a book, arts & crafts store, has been a victim of a cyber attack. The Works was alerted to the incident due to its security firewall and has disabled access to its systems while a security team investigates the attack. Operations have been reported to be severely impacted, with emails down and internal systems offline, while some stores are closed and others are only accepting cash. The Works has reassured its customers that no bank details have been stolen in the attack, but longer delivery times are to be expected while the investigation takes place.
By BitDefender.com
The Isle of Wight Council has apologised to the users of its electric charging points, after it was discovered that a hacker had managed to gain access and redirect a website link. The chargers are meant to display GeniePoint’s website on a front-facing monitor, however this had been changed so that monitor would show a site hosting obscene sexual material. The problem has since been resolved and the affected charging points are due to be replaced with "new charge points over the next few months".
By BBC.co.uk
Inverse Finance, a Decentralised finance platform, has publicly stated that it was a victim of a hack resulting in the theft of $15 million worth of different cryptocurrencies. The hacker was able to manipulate the price of its native token, INV. With this, the hacker could mislead the system and offer themselves huge loans with low collateral. A report by PeckShield has disclosed that the initial deposit of the hacker was $3 million in Ethereum cryptocurrency and that the funds sent and received were to a wallet that had used Tornado Cash to hide its transactions. Inverse Finance has said all customers impacted by the price manipulation will be repaid in full.
By ZYCrypto.com
The US Justice Department has released details of a court authorised takedown of the Cyclops Blink Botnet. The botnet is known to be part of the Sandworm cyber gang that has worked for the Russian Federation's GRU espionage nerve centre. The task force carrying out the takedown removed malicious code from thousands of firewall devices being used as command-and-control servers. This severed ties between the cyber gang and the compromised machines used for its botnet. With the command-and-control servers down, the task force hasn’t yet aimed its sight into removing Cyclops Blink malware from individual devices being used as bots, they have only recorded the infected devices acting as command-and-control servers.
By TheRegister.com
A recent update released by Apple has patched two zero-day vulnerabilities discovered by anonymous security researchers. The two vulnerabilities are reportedly being actively exploited in the wild, which has pressured Apple to release a quick patch. The vulnerabilities reported are an out-of-bounds write issue with AppleAVD media decoder allowing for the execution of arbitrary code and an out-of-bounds read issue with Intel graphics driver which may lead to the disclosure of kernel memory. Any users of Mac, iPhone and iPad devices are advised to update to stay protected.
By TheRecord.media
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #185 – 8th April 2022
Why not follow us on social media:
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
