Updated: May 20, 2022
In this week’s Cyber Weekly Digest find out about a ransomware attack that caused a 157-year-old college to close for good, and the cyber attacks which made Costa Rica declare a national emergency. Keep reading to stay up to date on the latest cyber security news from around the world.
The Costa Rican President, Rodrigo Chaves, has declared a national emergency following cyber attacks from the Conti ransomware group on multiple government bodies. Conti ransomware had originally claimed ransomware attacks against Costa Rican government entities last month demanding a $10 million ransom. Since then, Conti's data leak site had been updated to state that the group had leaked 97% of the 672 GB data dump allegedly containing information stolen from government agencies. Costa Rica’s Ministry of Finance was the first entity to be targeted which still has not yet fully evaluated the scope of the security incident.
Microsoft on Tuesday issued updates for 74 security vulnerabilities, including one for a zero-day bug being actively exploited in the wild. Of the 74 issues, 7 are rated Critical and 66 are rated Important. The highest-rated vulnerability is a spoofing vulnerability affecting the Windows Local Security Authority, which Microsoft describes as a "protected subsystem that authenticates and logs users onto the local system", with an 8.1 CVSS score.
This week pro-Ukrainian hacking groups have continues to target Russian media outlets. The hacktivists defaced the online Russian TV schedule page to display anti-war messages during Putin’s victory day speech on Monday. Russian citizens attempting to access TV schedules via their smart TVs read messages that accused the Kremlin of propaganda and that blood was on their hands for the acts of violence in Ukraine. Russian video content provider RuTube also announced that their site was offline after suffering a cyberattack.
Illinois-based Lincoln College was first established during the U.S. Civil War; however this year has had to close for good. After the financial impact Covid had on the 157-year-old college, a ransomware attack meant it had to shut its doors due to the financial strain it put on the college. The school admitted that they had paid a $100,000 ransom to threat actors to get back their data, although it took months to restore their IT systems. According to researchers, over 1,000 U.S. schools were targeted with ransomware last year alone which is more than any other sector except healthcare.
A years-long phishing campaign has targeted German companies in the automotive industry, attempting to infect their systems with password-stealing malware. The targets include both car manufacturers and car dealerships in Germany, and the threat actors have registered multiple lookalike domains for use in their operation by cloning legitimate sites. The infection chain begins with an email sent to specific targets containing an ISO disk image file that bypasses many internet security controls. Researchers believe that it is Iranian threat actors who are carrying out the attacks.