24 April 2020

IRM Weekly Cybersecurity Roundup: Facebook IDs stolen and more

267 million Facebook IDs sold for $540 dollarsFacebook IDs Stolen Roundup

A data breach has been revealed which shows that over 267 million Facebook IDs and accompanying information has been stolen and is being sold on the dark web for only $540 dollars.

Why so cheap? It’s thought the information contains a lot of fake data, duplicate Facebook IDs and it doesn’t include any passwords. This doesn’t make the stolen data useless though. The information includes personal data such as email addresses and phone numbers, meaning a cybercriminal could easily dream up a phishing email to catch out a Facebook user.

You can read more here.

New York’s ‘secret’ cyber-attack

With the pandemic news dominating the headlines, the story of a cyber-attack hitting New York state’s computer network has only just come to light.

In late January, it appears foreign hackers temporarily brought down several state databases. This was due to an unpatched vulnerability in use by a Chinese hacking group.

It’s thought that no personal data has been compromised or taken from the network, and further work is being done to harden the state’s networks.

You can read more here.

Cognizant hit by cyber-attack

The Maze ransomware group is thought to be behind a cyber-attack on IT services firm, Cognizant.

Organisations like Cognizant are a common target due to the fact they provide various services to large numbers of businesses, meaning cybercriminals can leverage pressure for them to pay ransoms to protect their clients.

Whilst Cognizant hasn’t disclosed how the hackers were able to access its systems, they’ve stated: “internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident.”

You can read more here.

Dutch government pleads insurers not to pay ransoms

Cyber insurers in the Netherlands have been told not to pay out ransoms by Government advisors, instead opting to pay for the financial damage caused by absorbing the affects of the ransomware attack.

This advice has been given in an attempt to stop incentivising cybercriminals to continue with ransomware techniques.

The government minister, Ferd Grapperhaus said: “It is my preference that the insurer does not reimburse the ransom that ends up in the hands of criminals, but rather the damage that is suffered by not paying this ransom”

You can read more here.

Children’s website ‘Webkinz’ leaks 23 million hashed passwords

webkinz website

Webkinz World – a website hosting children’s virtual toys – stated on the 19th April that they had not experienced a breach, despite nearly 23 million usernames and hashed passwords being published on a popular hacking forum.

It’s though that a threat actor posted 1GB of data including 22,982,319 usernames alongside their hashed passwords of the players using the online children’s games.

You can read more here.

Cybersecurity webinar supports NHS donation

This week, Phil Mason successfully ran a cybersecurity webinar aimed at teaching listeners about the various approaches to cybersecurity strategy.

As part of the webinar, Phil (Software Director for IRM), promised to donate £5 for each registration via various channels. Phil personally donated a total of £200 to the UK’s National Health Service (NHS) in a bid to support an institution which is suffering during the pandemic and is close to his heart.

If you would like to view the webinar, you can watch it on YouTube here.

Cyber experts rally to protect healthcare organisations

Various cyber experts, including the Head of Sec Ops for DEF CON and the Senior Security Program Manager at Microsoft, have got together to create a group to protect healthcare organisations from cyber-attacks during COVID-19 – named the CTI League.

Since the middle of March, the group has gained 1,400 vetted members across 76 countries. They’ve successfully managed to take down 2,833 cybercriminal assets on the internet and identify more than 2,000 vulnerabilities in healthcare institutions.

How does the group work? They work via the CISOs and suppliers of the health organisations to inform them of what they’ve discovered. If the vulnerabilities are severe, the FBI or Department of Homeland Security Cybersecurity get involved too.

The CTI League are working alongside other cybersecurity volunteers such as the COVID-19 Cyber Threat Coalition and Cyber Volunteers 19, who all have aims to protect organisations as the pandemic continues.

You can read more here.

Quick-Fire Updates

PC fans can be used to hack your computer: Research has shown that, in theory, PC fans could be used to steal data from your computer. If a compromised smartphone was nearby to the computer which could “hear” the vibrations of the PC fan, it could transfer the data back to the person committing the cyber-attack. Read more here.

EDP Group recovers from cyber-attack: The Portuguese energy firm has confirmed that, whilst last week’s cyber-attack did affect internal processes and services, it had not compromises the technical network or energy supply outputs. Read more here.

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter.