DHS Finds 2023 Microsoft Security Breach Was Preventable, Chinese Hackers Took Advantage of Corporate Culture
https://www.cpomagazine.com/cyber-security/dhs-finds-2023-microsoft-security-breach-was-preventable-chinese-hackers-took-advantage-of-corporate-culture/
DHS’s Cyber Safety Review Board has taken Microsoft to task for security failures that allowed a mid-2023 cyber attack by Chinese hackers that compromised government email accounts.
US Pharmacy Outage Triggered by ‘Blackcat’ Ransomware at UnitedHealth Unit
https://www.hstoday.us/subject-matter-areas/cybersecurity/us-pharmacy-outage-triggered-by-blackcat-ransomware-at-unitedhealth-unit/
Hackers gained access to Change Healthcare’s information technology systems, leading to disruptions in prescription deliveries at pharmacies across the United States.
Russian Spies Brute Force Senior Microsoft Staff Accounts
https://www.infosecurity-magazine.com/news/russian-brute-force-senior/
The compromised email accounts were not protected with multi-factor authentication – a major oversight for those involved. A password spray attack was used to gain access to accounts.
LoanDepot Breach: 16.6 Million People Impacted
https://www.securityweek.com/loandepot-breach-16-6-million-people-impacted/
Lender LoanDepot (NYSE: LDI) said Monday that roughly 16.6 million people were impacted by a ransomware attack earlier this month. As part of its incident response, the company shut down certain systems and launched an investigation.
MGM, Caesars face 9 lawsuits in wake of cyberattacks
https://www.reviewjournal.com/business/casinos-gaming/mgm-caesars-face-9-lawsuits-in-wake-of-cyberattacks-2914851/
Two major casino-resort operators face federal lawsuits in the wake of social engineering cyberattacks that exposed the personal information of thousands of customers. Lawsuits allege negligence and failure to follow FTC guidelines.
Tesla Says Insiders Leaked Employees’ Data
https://www.axios.com/2023/08/22/tesla-insiders-employee-data-leak
In a striking example of insider threat, a breach notification letter reveals that Tesla experienced a data leak involving personal information on more than 75,000 employees, including addresses, phone numbers, and Social Security numbers.
Amazon Duped Millions in Prime Enrollment Scam, Says FTC
https://cybernews.com/news/amazon-duped-millions-in-prime-membership-enrollment-scam-ftc-says/
The FTC has filed a complaint accusing Amazon of tricking consumers into enrolling in its automatically-renewing Prime membership program while also making its cancellation process complicated and difficult for consumers.
Two U.S. School Districts Hit with Ransomware Attacks This Week
https://www.axios.com/2023/02/01/school-districts-ransomware-tucson-nantucket
School districts in Tucson, Arizona, and Nantucket, Massachusetts, are working to mitigate the impact of ransomware attacks on their networks, with Nantucket schools forced to close. Schools have been targeted with these attacks for years due to IT budget constraints.
Media Apps Most Likely to Be Targeted by Threat Actors, Says Study
https://cybernews.com/news/media-apps-threat-actors/
Apps used by the media industry to carry out jobs were found to be more than four times as likely as average to have a “critical vulnerability,” according to research by penetration testing company Software Secured. Data and analytics industry apps came in second.
Cybercrime Is Being Commercialized to Mimic Corporations
https://cybernews.com/news/cybercrime-is-being-commercialized-to-mimic-corporations/
Ransomware operators are adopting best business practices, allowing the cyber threat landscape to reach new levels of commercialization and convenience for attackers. Barriers to entering cybercrime are disappearing, with attackers of any skill level finding easy entry.
Aerojet Rocketdyne Agrees to Pay $9 Million to Resolve False Claims Act Allegations of Cybersecurity Violations in Federal Government Contracts
https://www.justice.gov/opa/pr/aerojet-rocketdyne-agrees-pay-9-million-resolve-false-claims-act-allegations-cybersecurity
The action is pursuant to the Department of Justice’s Civil Cyber-Fraud Initiative, announced in October 2021, that holds individuals or entities accountable for putting U.S. information or systems at risk, including through the misrepresentation of their cybersecurity practices or protocols.
Why Vendors Can’t Wait for CMMC to Raise Their Cyber Standards
https://fcw.com/defense/2022/02/why-vendors-cant-wait-cmmc-raise-their-cyber-standards/362454/
In the wake of the Russian invasion of Ukraine, officials from the Department of Defense and security agencies are urging U.S. companies to bolster their cybersecurity postures and increase vigilance. Since CMMC could take up to two years to go into effect, DOD officials are urging defense contractors to get assessments before they are required.
Criminal Hackers Are Now Going After Phone Lines, Too
https://www.npr.org/2021/12/06/1060838850/criminal-hackers-are-now-going-after-phone-lines-too
The digital telecommunications industry is scrambling to protect itself from criminal groups that threaten to flood the digital phone lines of broadband phone service companies with traffic, taking targets offline unless they pay a ransom. Weaponized digital traffic alone, without any hacking, can disrupt a company’s ability to operate.
Russian Group Behind SolarWinds Incident Ramping up Hacking Efforts, Analysis Says
https://thehill.com/policy/cybersecurity/584577-russian-hackers-behind-solarwinds-incident-continuing-hacking-efforts?rl=1
The group known as “Nobelium” or “UNC2452,” responsible for one of the largest cyber espionage incidents in US history, has intensified its efforts and continued to target governments and businesses.
CMMC 2.0 to Pare Down Cybersecurity Requirements for Contractors
https://www.fedscoop.com/cmmc-2-0-to-pare-down-cybersecurity-requirements-for-contractors/
Following nine months of internal review, the Department of Defense has revamped its Cybersecurity Maturity Model Certification, with major changes announced to the structure, scope and requirements of the program.
Ransomware Attacks Increased 148% in Q3 2021, Showing No Signs of Slowing
https://www.helpnetsecurity.com/2021/11/03/ransomware-attacks-q3-2021/
Ransomware attacks continued on an upward trend through 2021, with year-end totals for attacks predicted to be near 714M. This aggressive growth makes 2021 the most active year on record for ransomware attacks.
Why Companies Don’t Test Their Readiness for Cyberattacks More Often – But Should – November 2021
https://www.forbes.com/sites/edwardsegal/2021/11/03/why-companies-dont-test-their-readiness-for-cyber-threats-more-often-but-should/amp/
Limited budgets and penetration testing inefficiencies create obstacles for companies trying to perform the cybersecurity testing they require, but with emerging cyber threats, the pressure is on to prioritize a security strategy.
Kaseya Says up to 1,500 Businesses Compromised in Massive Ransomware Attack
https://amp.cnn.com/cnn/2021/07/06/tech/kaseya-ransomware-attack-businesses-affected/index.html
Kaseya stated that 50 of their direct customers were breached in the attack, with hundreds more companies impacted through Kaseya’s IT services. The ransomware gang REvil demanded a $70M payment to restore data.
One Password Allowed Hackers to Disrupt Colonial Pipeline
https://www.reuters.com/business/colonial-pipeline-ceo-tells-senate-cyber-defenses-were-compromised-ahead-hack-2021-06-08/
A legacy Virtual Private Network (VPN) system lacking 2-factor authentication left the company’s infrastructure highly vulnerable to the ransomware attack that led to gas shortages in portions of the South and the East Coast.
CFONE Authorized as a CMMC-AB Registered Provider Organization (RPO)
CFONE is pleased to announce our approval by the CMMC Accreditation Body (CMMC-AB) as a Registered Provider Organization (RPO). RPOs are authorized to provide CMMC consulting services to companies preparing for their audits and must meet a number of requirements, including a background investigation and signing of a Code of Professional Conduct. Such requirements provide a measure of legitimacy and commitment to CMMC standards in a field otherwise flooded with firms claiming expertise.
GSA Includes CMMC Requirements in Governmentwide Acquisition Contracts
The General Services Administration (GSA) will be including Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) requirements in the new Polaris small business governmentwide contract (GWAC), the second of GSA’s large contracting vehicles to include them, following 8(a) STARS III. These requirements will be included at the order level, rather than contract level, in order to best serve the needs of GSA’s DoD customers. Growing interest from civilian agencies is anticipated.
Ransomware Attack Jeopardizes Production of 300 COVID-19 Ventilators Per Day
Boyce Technologies, Inc., an FDA-approved manufacturer of ventilators during the COVID-19 pandemic, has been attacked with DoppelPaymer ransomware. The ransomware gang has threatened to leak stolen data from the company, including purchase orders, assignment forms and other sensitive data, unless an undisclosed ransom is paid by the firm. DoppelPaymer was also implicated in a March 2020 incident targeting Visser Precision and a June 2020 incident targeting the city of Florence, Alabama.