Cyber Weekly Digest - 2022 Week #18


In this week’s Cyber Weekly Digest find out about the biggest cyber security news including a threat actor who has been convicted of stealing $23 million from the US Department of Defence through phishing attacks, and hacktivists who have been targeting Russian alcohol distributors. Keep reading to stay up to date with the latest cyber security news from across the world.


1. The US Department of Defence was tricked into paying $23.5 million to a phishing actor.

This week an individual has been convicted for multiple counts relating to a phishing operation that caused $23.5 million in damages to the US Department of Defence. The threat actor sent phishing emails to businesses that conduct business with the Federal Government register in order to steal credentials. Using stolen credentials the threat actor was able to divert a $23,453,350 contract payment for the provision of 10,080,000 gallons of jet fuel to his personal bank account.


2. Heroku forces password resets following unauthorized access to an internal customer database.

Salesforce-owned subsidiary Heroku revealed that a compromised token was abused to breach the database and exfiltrate passwords for users’ accounts. Salesforce has since said it is resetting all Heroku user passwords and ensuring that potentially affected credentials are refreshed. An unidentified actor was able to leverage stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM. The attack was first discovered on April 12th and Heroku has since revoked all the access tokens.


3. Global car rental firm Sixt hit by a cyber attack.

Global car rental firm Sixt has admitted that some of its business operations and services are suffering disruption after a cyber-attack struck the firm over the weekend. The attack caused disruptions at customer care centres and select Sixt branches. The attack was discovered on April 29th and forced them to restrict access to all IT systems, except for those crucial for continuing business like the main website and the apps. According to German media, most car bookings from Friday morning were carried out using pen and paper.


4. Researchers discover severe lack of privacy and security protections in mental health apps.

This week Mozilla researchers noted that the majority of mental-health and prayer apps could be harming their users by exposing personal and intimate data. Of 32 mental-health and prayer mobile apps investigated, 28 were found to be inherently insecure. Some of the key concerns of the apps include sharing users’ intimate data, allowing weak passwords, targeting vulnerable users with personalized ads, and featuring vague and poorly written privacy policies. At least eight of the apps reviewed allowed weak passwords, while one app only required one letter or digit as a password.


5. Hacktivists are targeting Russian alcohol distributors in their latest DDoS attacks.

Hacktivists supporting Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. According to Russian media, several vodka producers and distributors claim they are unable to access a portal required by government regulations. As a result, alcohol beverage transportation and distribution have suffered, raising concerns about alcohol shortages. The hacktivists are known as Ukraine’s IT Army, which enlists volunteers from around the globe, with the common goal of launching attacks against key Russian entities.



23 views