Cyber Weekly Digest - Week #31

In this week’s digest we explore another week filled with ransomware attacks, data breaches and vulnerability patches. Find out why ransomware operations are rebranding and about the latest zero-day vulnerability patched by Apple. Keep reading to stay up to date on the latest cyber security stories from around the world.

1. DoppelPaymer ransomware operation rebrands

The DoppelPaymer ransomware operation has been inactive since May, but it is now believed to have rebranded under the name Grief. Researchers found that the two shared the same encrypted file format and used the same distribution channel, the Dridex botnet. Researchers also found that the Grief ransom note dropped on infected systems pointed to the DoppelPaymer portal. The similarities between Grief and DoppelPaymer are so strong that a connection between the two is impossible to ignore. A ransomware gang's rebranding may not be a measure to erase its tracks, but rather a way to avoid any government sanctions that would prevent victims from paying the ransom.

2. Apple patches an actively exploited zero-day in iOS and macOS

On Monday, Apple patched another zero-day flaw in both its iOS and macOS platforms. The flaw is being actively exploited in the wild and could allow attackers to take over an affected system. The memory-corruption flaw is in the IOMobileFrameBuffer extension, which exists in both iOS and macOS. Apple has released three updates to patch the vulnerability on each of the platforms.

3. Northern Ireland has suspended its COVID-19 vaccine passport system after data leak

This week, Northern Ireland's Department of Health temporarily suspended their COVIDCert online vaccination certification service following a data incident. COVIDCert enables fully vaccinated individuals based in Northern Ireland to obtain a digital certificate confirming their COVID-19 vaccination status. A limited number of users were potentially exposed to data of other users, leading the Department of Health to halt their servi