"Your Information Technology Leader"

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 12/29/21 – 01/04/22

Shutterfly

https://www.bleepingcomputer.com/news/security/shutterfly-services-disrupted-by-conti-ransomware-attack/
Exploit: Ransomware

Shutterfly: Digital Image & Photography Services


Risk to Business: 1.876=Severe
Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On its leak site, the Conti group is offering samples of stolen Shutterfly data, including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that its Shutterfly.com, Snapfish, TinyPrints, and Spoonflower sites were not affected by the attack. However, its corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.

Individual Impact: Although there appears to be customer data involved in this incident including payment card data, that exposure has not been confirmed and no further information was available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.

 

 

Pro Wrestling Tees

https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/
Exploit: Hacking (Payment Skimmer)

Pro Wrestling Tees: Merchandise & Fan Experience Platform


Risk to Business: 1.612=Severe
Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. In a data breach notification sent to affected individuals on December 15, 2021, Pro Wrestling Tees disclosed that it was informed by law enforcement that a small portion of its customers’ credit card numbers had been compromised in a malware infection.



Risk to Business: 1.919=Severe
The unnamed cybercriminals stole the full names and credit card numbers, including CVV codes, of Pro Wrestling Tees customers who processed transactions through the platform. The company contends that it doesn’t store card info within its software and that only a small number of customers who used the checkout page were affected, although users on Reddit claim that many customers have seen fraudulent charges pile up.

Customers Impacted: Unknown

How It Could Affect Your Business: Payment card skimmers and other similar malware are an occupational hazard for any company that processes online payments.

 

 

Maryland Department of Health

https://www.washingtonpost.com/dc-md-va/2021/12/05/maryland-health-department-cyberattack/
Exploit: Hacking

Maryland Department of Health: State Government Agency


Risk to Business: 1.717= Severe
The Maryland Department of Health experienced a cyberattack in early December that disrupted reporting of COVID-19 cases, deaths, testing and vaccination data. Some outlets are pointing to ransomware as the culprit but that has not been confirmed and state officials offered no details of the incident. The attack also impacted reporting in Baltimore. Systems were restored and the state began reporting COVID-19 data again on January 4.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: State agencies have been high on cybercriminals’ target lists throughout 2021 because they’re likely to pay the ransom and that trend is expected to continue in 2022.

 

 

UK – Gloucester City Council

https://www.bbc.com/news/uk-england-gloucestershire-59831468
Exploit: Hacking

Gloucester City Council: Municipal Government Body


Risk to Business: 1.809 = Severe
Gloucester City Council is in the process of restoring municipal services in the wake of a December 20 cyberattack. Impacted functions include the council’s online revenue and benefits sections as well as planning and customer services. City residents are also unable to access interactive online application forms for housing benefits, council tax support, test and trace support payments and discretionary housing payments. The council is working with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to fix the issue.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Infrastructure targets and municipalities have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.

 

 

Norway – Amedia

https://therecord.media/cyberattack-on-one-of-norways-largest-media-companies-shuts-down-presses/
Exploit: Ransomware

Amedia: Media Company


Risk to Business: 1.412= Extreme
Amedia, the largest local news publisher in Norway, experienced a suspected ransomware attack last week that shut down several of its essential systems, leaving it unable to publish its 78 printed newspapers until Friday in some cases. Amedia said that its online news operations were unaffected, but the company suspects that unspecified personal data belonging to employees may have been accessed during the attack. Vice Society is the ransomware gang purportedly responsible for this attack.

Individual Impact: Although there appears to be employee data involved in this incident, that exposure has not been confirmed and no further information was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.

 

 

Portugal – Impresa

https://www.itp.net/security/portuguese-media-group-impresa-crippled-by-ransomware-attack
Exploit: Ransomware

Impresa: Media Company


Risk to Business: 1.701 = Severe
Portuguese media company Impresa, the owner of the country’s largest newspaper, Expresso, and biggest TV channel, SIC TV, has been hit with a ransomware attack by the Lapsus$ ransomware group. The Impresa attack hit over the New Year holiday weekend. SIC TV’s internet streaming transmission was interrupted, but broadcasts remained operational. The cybercriminals responsible also gained access to Expresso’s Twitter account, announcing their success with a pinned tweet: “Lapsus$ is officially the new president of Portugal”.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Multiple media companies were hit this week, a reminder that cybercriminals sometimes set their sights on many targets in one industry at the same time.

 

 

Germany – Sennheiser

https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/

Exploit: Misconfiguration

Sennheiser: Audio Equipment Manufacturer


Risk to Business: 1.688 = Severe
Leading German audio equipment manufacturer Sennheiser is in hot water after it misconfigured an Amazon Web Services (AWS) server. The unsecured server stored around 55GB of information on over 28,000 Sennheiser customers. The database contained customer data collected between 2015 and 2018. Sennheiser secured the exposed AWS server quickly upon discovery.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Simple cybersecurity blunders and employee carelessness can create complicated and expensive security incidents.

 

 

Ghana – National Service Secretariate (NSS)

https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/
Exploit: Misconfiguration

National Service Secretariate (NSS): National Government Agency


Risk to Business: 1.883 = Severe
Ghana’s National Service Secretariate (NSS) exposed 55GB of data on up to 700,000 citizens in a misconfigured AWS S3 bucket. NSS is a government program that manages a compulsory year of public service for Ghana-based graduates from specific educational institutions. The Computer Emergency Response Team of Ghana (CERT-GH) is investigating the incident and handling response.



Risk to Business: 2.105 = Severe
The exposed database contained program membership cards and identity documents of the participants, including the participant’s details for the Ghana National Health Insurance Scheme and professional IDs for the candidates’ placements. The agency also stored different types of passport photos that the participants submitted in this bucket.

Customers Impacted: Unknown

How it Could Affect Your Business: Any entity that is storing large amounts of sensitive data needs to make sure that they have taken reasonable precautions to protect it.

 

 
 

4 Reasons Phishing Is Getting More Frequent

Phishing is a social engineering attack used to obtain sensitive information, such as login credentials and payment details, from users. It happens when an attacker, posing as a trusted source, dupes a victim into clicking on a malicious link or downloading a spam file sent over email, text messages, phone calls or social media. If you fall into this trap, you could end up with malware, system slowdowns and sensitive data loss, among other things.

 
The term phishing is one of the most reviled in today’s digital landscape and is a significant concern for executives. It's no surprise that the word is frowned upon when the attack vector is responsible for more than 20% of data breaches.*
 
These attacks can be severely damaging for people and businesses. While individuals are affected by illicit purchases, financial fraud or identity theft, a company that is the victim of such an attack, in most cases, suffers severe financial losses as well as a loss of market share, reputation and stakeholder trust.

 
An unfortunate reality regarding phishing is that the attack vector is becoming more sophisticated and frequent with each passing day.

 
Why phishing attacks are becoming more frequent

 
  • Remote/hybrid workforce

Over the last year and a half, a significant number of organizations had to transition to remote/hybrid work models. While the switch allowed operations to continue without interruption, the scattered workforce and mobile endpoints brought their own set of challenges. One of the main problems was vulnerabilities becoming more visible to hackers, who quickly exploited them through phishing attacks.

 
  • Organizational oversights

Many businesses, in efforts to stay afloat amid the global crisis, completely disregarded cybersecurity. This included decreased spending on security posture, a lack of employee training and much more. Such mistakes opened the door for cybercriminals.

 
  • Constantly evolving cybercriminals

Keep in mind that hackers constantly strive to uncover and exploit even the tiniest flaws in your business. They're constantly shifting their strategy, so you're practically defending against a moving attacker.

 
Threat actors have recently targeted businesses via the website contact form, pretending to be legal authorities, saying that the company is not complying with the law and asking the organization to download a "report."

 
  • Cheap phishing tools

Several low-cost phishing tools are available on the dark web, allowing even non-technical people to become hackers.

 

How can businesses stay safe?

 
To avoid falling victim to phishing, all small and midsize businesses (SMBs) must be constantly vigilant. To keep your business safe, you must:

 
  • Facilitate regular security awareness training to ensure that everyone is on the same page and that employees strictly adhere to relevant security requirements.
  • Ensure that your IT infrastructure is up to date so that hackers cannot exploit unpatched/non-updated systems.
  • Enforce strong password policies and create a system that prohibits anyone from evading them.
  • Try and isolate vital infrastructure components as much as possible, so that everything doesn't collapse like a house of cards after a breach.
  • Conduct mock phishing drills to get data on your employees' degree of alertness.
  • Deploy an automated phishing detection solution that is powered by artificial intelligence.
 
Trying to guard against phishing on your own takes a lot of effort and resources, especially if you're running a business. Collaborating with an expert like us relieves you of additional concern and responsibility. Contact us today to set up a consultation and we'll handle the heavy lifting for you.

 
 


 
 
Source:
*Verizon DBIR

The Week in Breach News: 12/15/21 – 12/21/21

Virginia Museum of Fine Arts

https://www.securityweek.com/virginia-museum-shuts-down-website-amid-it-breach
Exploit: Ransomware

Virginia Museum of Fine Arts: Art Museum


Risk to Business: 2.822=Moderate
A system security breach prompted the Virginia Museum of Fine Arts to shut down its website for a state investigation in late November 2021. The museum, an independent agency of the state, said the Virginia Information Technologies Agency detected an intrusion by an unauthorized third party to the museum’s environment in late November. An investigation is underway, and a temporary website has been established.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector including non-profits and cultural institutions.

 

 

McMenamins

https://www.kgw.com/article/news/local/mcmenamins-ransomware-attack/283-dc039d56-cf82-4f06-8862-c2f6223e3893
Exploit: Ransomware

McMenamins: Hotel and Restaurant Chain


Risk to Business: 1.612=Severe
Family-owned hotel and restaurant chain McMenamins received an unwelcome holiday gift: ransomware. The company says that it has had to shut down credit card point-of-sale systems and corporate email but can still serve customers. The Conti ransomware group is thought to be responsible but the group has not claimed responsibility. The popular chain of restaurants, pubs, breweries and hotels is located in the Pacific Northwest: specifically, Washington and Oregon. The company has announced that it is working with the FBI and a third-party cybersecurity firm to investigate the attack.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Companies that may be holding financial data and PII for clients will be attractive targets for ransomware groups.

 

 

The Oregon Anesthesiology Group (OAG)

https://www.zdnet.com/article/oregon-medical-group-notifies-patients-of-cybersecurity-breach-says-fbi-seized-hellokitty-accounts/
Exploit: Ransomware

The Oregon Anesthesiology Group (OAG): Medical Care Provider


Risk to Business: 1.717= Severe
The Oregon Anesthesiology Group (OAG) disclosed that a ransomware attack in July led to the breach of sensitive employee and patient information. The company said it was contacted by the FBI on October 21 and informed that the Bureau had seized an account that contained OAG patient and employee files from Ukrainian ransomware group HelloKitty. The FBI also told OAG that the Bureau believes the group exploited a vulnerability in OAG’s third-party firewall to gain entry to its network.



Risk to Business: 1.802=Severe
The information of 750,000 patients and 522 current and former OAG employees was impacted in this incident. Patient information potentially involved in this incident included names, addresses, date(s) of service, diagnosis and procedure codes with descriptions, medical record numbers, insurance provider names, and insurance ID numbers. Cybercriminals also potentially accessed current and former OAG employee data, including names, addresses, Social Security numbers and other details from W-2 forms. OAG will provide victims of the incident 12 months of Experian identity protection services and credit monitoring.

Customers Impacted: Unknown

How It Could Affect Your Business: Medical centers and providers can hold large stores of data that are attractive to cybercriminals.

 

 

Superior Plus

https://www.darkreading.com/attacks-breaches/propane-distributor-hit-with-ransomware
Exploit: Ransomware

Superior Plus: Propane Distributor


Risk to Business: 2.229 = Severe
Canadian propane distributor Superior Plus has fallen victim to a ransomware attack. The company announced that it was subject to a ransomware incident on Sunday, December 12, 2021, which impacted its computer system, resulting in the company temporarily disabling some computer systems and applications as it investigates this incident. The company is in the process of bringing these systems back online. The statement goes on to say that it has no evidence that the safety or security of any customer or other personal data has been compromised. Superior Plus supplies propane gas to more than 780,000 customers in the US and Canada, a hot commodity during the winter season.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted:

How it Could Affect Your Business: Infrastructure targets have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.

 

 

Brazil – Ministry of Health (MoH)

https://www.zdnet.com/article/brazilian-ministry-of-health-hit-by-second-cyberattack-in-less-than-a-week/
Exploit: Ransomware

Ministry of Health (MoH) – National Government Agency




Risk to Business: 1.107 = Extreme
Brazil’s Ministry of Health (MoH) suffered not one but two ransomware attacks in the last week, seriously impacting its operations. The agency was still in the process of recovering from a ransomware attack on 12/10 when it was hit again on 12/13. In the initial attack, all of MoH’s websites, including ConecteSUS, which tracks the trajectory of citizens in the public healthcare system, became unavailable. This includes the COVID-19 digital vaccination certificate, which is available via the ConecteSUS app. The Lapsus$ Group has claimed responsibility for the first attack, claiming that it has stolen some 50TB worth of data. The department was quick to assure the public that it has the relevant data backed up. The second attack set recovery back, preventing Brazil’s platform that issues COVID-19 vaccine certificates, ConecteSUS, from coming back online as scheduled. Ministry officials said that the second attack had been unsuccessful and that no data had been compromised in that incident, but it had affected the timeline for recovery. The National Data Protection Authority (ANPD) is also working on the case and has contacted the Institutional Security Office and the Federal Police to collaborate with the investigations.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Getting hit with multiple attacks in a short period of time could be a death blow to many organizations.

 

 

Ireland – Coombe Hospital

Exploit: Hacking

Coombe Hospital: Medical Center




Risk to Business: 2.711 = Moderate
The Coombe Hospital announced that it has been hit by a ransomware attack that has impacted its IT systems. The hospital stated that it had isolated and locked down its IT services on a precautionary basis. The maternity and infants’ hospital said that services are continuing as normal and no disruptions to patient care are expected. The HSE is assessing whether this will have a broader impact on the health service.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Targets in the medical sector have been getting absolutely pounded by ransomware since the start of the global pandemic.

 

 



Greece – VulcanForged

https://www.vice.com/en/article/4awxep/hackers-steal-dollar140-million-from-users-of-crypto-gaming-company
Exploit: Ransomware

VulcanForged: Cryptocurrency Gaming Company




Risk to Business: 1.7684 = Severe
Hackers stole around $135 million from users of the blockchain gaming company VulcanForged. Blockchain games appear chiefly designed as vehicles to buy and sell in-game items linked to NFTs using PYR. VulcanForged creates games such as VulcanVerse, which it describes as an MMORPG, and an online card game called Berserk. Hackers stole the private keys to access 96 wallets, siphoning off 4.5 million PYR, VulcanForged’s token that can be used across its ecosystem, with an estimated $135 million in value.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Any operation that handles or stores cryptocurrency is at a very high risk for trouble. This is the third cryptocurrency outfit to be hit by hackers this month.

 

 

Australia – Finite Recruitment

https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/
Exploit: Ransomware

Finite Recruitment: Staffing Firm




Risk to Business: 2.223 = Severe
IT recruitment firm Finite Recruitment has confirmed it experienced a cyberattack in October 2021 that resulted in some of the company’s data getting stolen and published on the dark web. The Conti ransomware group listed Finite Recruitment as a victim on its dark web leak site, claiming to have acquired 300GB of the company’s data. Finite Recruitment services several NSW government agencies as well as private clients.





Risk to Business: 2.015 = Severe
An estimated 38,000 employees and up to 80,000 government employees may have had their data exposed, and that data may include financial data, contracts, customer databases with phone numbers and addresses, contracts with employees’ passport details, phone numbers, mail correspondence, and other information.

Customers Impacted: Unknown

How it Could Affect Your Business: Cybercriminals are always on the hunt for big troves of personal and financial information, and companies that store it are at a high risk for ransomware.

 

 
 