Cyber Weekly Digest - Week #30

This week’s Cyber Weekly Digest explores some of the most intriguing cyber security stories this year. Find out about a double extortion attack on a US law firm, whose clients include Fortune 500 companies, and how Kaseya obtained a universal decryptor for victims affected in the July 2nd ransomware attack.

1. US based law firm which serves many of the Fortune 500 companies suffers a data breach.

This week US based law firm, Campbell Conroy & O’Neil, P.C, announced that they had become a victim of a double-extortion ransomware attack. The law firm disclosed a data breach as a result of a ransomware attack which hit them in February. Their clients include high-profile Fortune 500 and Global 500 companies such as Apple, Mercedes Benz, Boeing, Pfizer and British Airways. According to the Campbell’s investigation, attackers were able to access the names, dates of birth, drivers licence numbers, passport numbers, payment card information and medical information from “certain individuals”. Campbell is offering 24 months free access to credit monitoring, fraud consultation, and identity theft restoration services to all individuals whose Social Security numbers or equivalent information was exposed during the attack.

2. Fourteen world leaders targeted by Pegasus spyware.

French lawmakers have launched an investigation into Israeli offensive cybersecurity company NSO Group after they discovered French President Emmanuel Macron was potentially targeted by the company’s spyware along with 13 other heads of states. Other heads of states include presidents Imran Khan of Pakistan, Cyril Ramaphosa of South Africa and Barham Salih of Iraq. The news comes after last week when 17 media partners published a report which shed light onto the widespread use of Pegasus spyware often used by repressive regimes against human rights activists, journalists and world leaders. Pegasus spyware infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras.

3. A UK citizen has been arrested for being involved in the 2020 Twitter hack.