Read this week's Cyber Weekly Digest for a rundown of our top cyber security news picks. In this digest, we dive into the MoveIt supply-chain attacks impacting several companies, including British Airways, BBC and Boots. Keep reading to stay up to date on the biggest cyber security news of the week.
The hack was first disclosed last week when US company Progress Software announced threat actors had found a way to break into its MOVEit Transfer tool. MOVEit is software designed to move sensitive files securely and is popular worldwide, with most of its customers in the US. On Thursday, the CISA warned firms that use MOVEit, instructing them to download a security patch to stop further breaches. Zellis, a UK-based human resources software maker and payroll provider, confirmed that its MOVEit system was compromised, with the incident affecting a “small number” of its corporate customers. Some of the Zellis customers include British Airways and the BBC, who have been informing employees impacted. Microsoft security researchers have since linked the threat actors to a group tracked as “Lace Tempest”, affiliated with the Clop ransomware group.
On Wednesday, Outlook suffered a series of outages after hacktivists claimed to carry out DDoS attacks on Outlook. The outages followed two major outages the day before, creating global disruption for users. Although Microsoft claimed that the outages resulted from technical issues, a group known as Anonymous Sudan is claiming they were behind the outages after DDoS attacks on Microsoft in protest of the US getting involved with Sudanese internal affairs. Since then, the group has been taunting Microsoft in statements about the repeated DDoS attacks on Microsoft Outlook and Microsoft 365 services. Later this week, Microsoft’s OneDrive also suffered outages which Anonymous Sudan is claiming.
Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, revealing that attackers encrypted some of its servers. The company develops and produces medication for various forms of cancer and the treatment of chemotherapy side effects, as well as anti-seizure, neuropathy, and dementia drugs. The company took many of its IT systems offline to contain the damage and prevent the spread of the locker to further portions of the breached corporate network. Eisai has enlisted investigators to help recover and discover if any data was stolen during the attack.
The developers of Atomic Wallet are investigating reports of large-scale theft of cryptocurrency from users’ wallets, with over $35 million in crypto reportedly stolen. Last weekend, Atomic tweeted that they were investigating reports of several compromised wallets. The developers have since taken down their download server, ‘get.atomicwallet.io,’ likely out of concern that their software was breached and to prevent the spread of further compromises. It is unclear how the compromise took place at this time, but users are advised to transfer their crypto assets to other wallets while the developers investigate the security incident.