Chick-fil-A Confirms Credential Stuffing Attack
Credential stuffing is one of the many forms of cyberattacks on the rise. It's a low-risk, low-cost automated method. It uses bots to access username-password combinations from past data breaches. It then uses that information to exfiltrate data from a new target system. It relies on people's habit of reusing the same login credential across various sites.
Chick-fil-A is one of the most recent victims of a credential stuffing attack. That proves that even large companies aren't exempt from these malicious attempts. Here's everything you need to know about the incident so you can stay informed.
US Government: Royal Ransomware Targets Critical Infrastructure
The United States government is alerting organizations about the Royal ransomware operation. The Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) said in a joint advisory that the Royal ransomware gang poses an increasing threat to critical infrastructure of numerous sectors in the U.S.
The Royal ransomware group has been targeting different sectors across the country and abroad. Among its victims are health care, education, communications, and manufacturing organizations.
How to Protect Your Organization From Callback Phishing
Callback phishing scams are among the worst cyberattacks you can encounter. They are devastating to experience on a personal level, but even more disastrous if they happen to your organization. To help you, here is a guide covering how callback phishing works and the steps you should take to address it.
SCAM OF THE WEEK: Hiding Behind Namecheap
The web hosting company Namecheap was the latest victim of a combined hacking and phishing attack. In this attack, cybercriminals hacked into SendGrid, Namecheap’s email service. Then, they used SendGrid to impersonate businesses by hacking into their email services.
To start the scam, cybercriminals sent emails with links that led to fake websites. These websites looked real and were even hosted by Namecheap’s web hosting service. If you were to visit these websites, you'd be asked for your personal information, payment details, and login credentials. Unfortunately, cybercriminals could then use this information for their own malicious purposes.
Password Mask Attacks
Having a password for online accounts is not enough protection. Hackers and cybercriminals have found a way to crack passwords and hijack emails, bank accounts, social media pages, and other digital real estate. Through password mask attacks, cyber threat actors no longer have to spend a long time trying to guess your online credentials.
Microsoft Exchange Online Outage Blocks Access to Mailboxes Worldwide
Microsoft Corp. announced via Twitter on March 1 that a worldwide outage affected Exchange Online – its cloud-based email service.
According to the software giant in a series of tweets, Exchange Online users couldn't access their mailboxes. Users couldn't send or receive emails and got error messages.
The good news is that Microsoft resolved these technical issues in a few hours.
News Corp Cyberattack
News Corporation (News Corp) has disclosed more information about the 2022 cyberattack against the major publishing conglomerate. News Corp revealed that the cybercriminals had access to its systems two years ago, starting in Feb. 2020.
News Corp recently sent notification letters to affected employees. These laid out the most recent information on the data breach. The breach affected workers at the company’s publications, The New York Post and The Wall Street Journal, and its UK news operations.
Dish Network Cyberattack
Dish Network confirmed that the network outage it is currently experiencing is due to a cybersecurity breach. This outage also affected its internal communications systems.
The breach occurred on Feb. 23 and disconnected Dish’s websites and apps. The network’s call centers also went offline. Subscribers cannot access their accounts, stream shows, or avail of Dish’s services.
Ransomware Attack on Dole
Ransomware is a threat businesses cannot afford to ignore. Such a cyberattack often blocks user access to systems until the perpetrator receives ransom. A recent cautionary tale is a ransomware attack on Dole Food Company.
Dole reported on Feb. 22 a cybersecurity incident involving ransomware. Although it is unclear when or how the attack occurred, Dole said it had a limited impact on its operations. However, there are reports saying the disruption may be more serious than the company let on.
Microsoft Exchange Server Antivirus Exclusions
The Microsoft Exchange Server is an e-mail server developed exclusively for Windows OS users. It also offers collaboration functions like scheduling and calendaring.
One of the Exchange Server's biggest draws is its high availability features. These features ensure that outages and server failures won’t disrupt server operations.
But while the Exchange Server sounds like a dream for users, it also has limitations. Microsoft warned against performing antivirus scans on some Exchange Server’s files, folders, and processes.
SCAM OF THE WEEK: Is ChatGPT Your Next Financial Advisor?
ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you with a fake new ChatGPT feature.
The scam starts with a phishing email informing you that ChatGPT has a new feature to help you invest in the stock market. If you click the link in the email, you’ll be taken to a spoofed ChatGPT website and prompted to enter your contact information. Then, a representative will call you and request that you submit a payment to open your investment account. Unfortunately, if you submit a payment, that money won't help you invest in the stock market. Instead, cybercriminals will steal it to invest in their own malicious pursuits.
S1deload Stealer Malware
A new malware campaign on Facebook and YouTube is making headlines. S1deload Stealer hijacks these social media accounts, mines cryptocurrency, and spreads itself. Discover what business owners need to know about this malware.
Stanford University Data Breach
The recent Stanford University data breach is causing businesses to reevaluate their security practices. The way the university handled the breach can serve as a guide for business owners. But it is important to understand the facts of the incident.
LastPass Reveals Details of Attack
LastPass recently revealed more details of the second malware attack targeting its infrastructure. It also disclosed the company’s actions to prevent similar attacks in the future. By learning more about the attack, business owners can strengthen their own security weaknesses.
GoDaddy Finds Multiple-Year Security Breach
GoDaddy is a popular web hosting company with millions of customers worldwide. Users are alarmed to find that attackers stole the company’s source code.
The hosting giant found the security breach in early December 2022 after it received customer reports. From there, it carried out a comprehensive investigation. GoDaddy disclosed that its sites are being redirected to random domains.
Serious Security Flaw in Cisco ClamAV Discovered
It is ironic when software designed to protect is vulnerable to threats. That is the case here. Experts discovered the ClamAV free anti-malware program has a serious security risk.
Investigations revealed the security threat is in its scanning library. It was tracked as CVE-2023-20032. The risk affects several other products from Cisco.
Everything You Need to Know About the Pepsi Data Breach
Hackers need less than a minute to perform a successful data breach. It will be over before you can even finish your cup of coffee. Unfortunately, it can take companies several weeks to realize they were the victim of a malware attack. That's what happened to Pepsi Bottling Ventures.
Cloudflare Successfully Detects and Mitigates Largest DDoS Attack Recorded
During the weekend of Feb. 11-12, 2023, content delivery network provider Cloudflare detected and mitigated an unusually high number of hyper-volumetric DDoS attacks. It did not disclose the targets but mentioned some of the attacked websites. These included a gaming provider, hosting providers, cloud computing platforms, and cryptocurrency companies.
The attack ranged between 50 and 70 million requests per second (rps) and peaked at 71 million rps. That is the largest reported HTTP DDoS attack, surpassing the 46 rps recorded in June 2022.
Internet Explorer Gets Disabled From Windows 10
Microsoft has intended to replace Internet Explorer with the new Edge browser. On June 15, 2022, the company officially retired the popular browser by ending its update support for the application. However, it was still part of Windows 10 and was available for use.
However, a Microsoft Edge update on Feb. 14, 2023, permanently disabled Internet Explorer 11 on Windows 10 computers. As standard with these updates, the rollout takes a few days to a week.
State of Emergency Declared in Oakland to Combat Ransomware Attack
On Feb. 8, 2023, the City of Oakland suffered a ransomware attack. It forced several city systems to go offline. Fortunately, it did not affect emergency services. 911 and fire rescue were still online.
Digital security experts investigated the incident. They assume the attack started with an email that contained a malicious ransomware program. When a user clicks on a link or attachment, the ransomware gets into the system and steals valuable data.