Cyber Weekly Digest - Week #38
This week's cyber security digest will take a look at some of the data breaches which have been disclosed, recent charges filed on members of the APT41 group and how the NCSC is hoping to help organisations disclosure vulnerabilities. Keep reading to find out the latest cyber stories from across the globe.
Five members of one of the most infamous state-sponsored hacking groups, APT41 have had charges filed against them by the US. US officials stated that the members had hacked over 100 companies worldwide from where they stole proprietary source code, code-signing certificates, customer data and valuable business information. All five members remain at large, and their names have been added to the FBI’s Cyber Most Wanted List.
Earlier in the week, the office-retail giant Staples disclosed a data breach. It has since been revealed that it was caused by insufficient protection for retrieving shopper information from current and past orders. Staples has multiple Pulse secure VPN servers vulnerable to CVE-2019-11510, which had not been patched for two months. Staples have confirmed that the issue has been fixed.
The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom. Ransomware actors have adopted double extortion tactics since the end of 2019. The link to the data leak site was posted earlier in the week on a Russian-speaking hacker forum.
Another data breach story from this week is how Public Health Wales accidentally published data on 18,000 patients who had tested positive for COVID-19. The risk level of information shared was relatively low; however, the information had been viewed 56 times in the 20 hours it was live. The incident was a result of an “individual human error”, Chief Executive Tracey Cooper said, “it should never have happened” and that it should have been taken down sooner.
Earlier this week the NCSC released guidelines to help organisations with responsible bug reporting through specifically designed processes. The NCSC hoped that the process would help organisations rapidly address vulnerabilities reported by experts to reduce their risk of compromise. Organisations which adopt these guidelines are showing that they are taking security seriously.
You can find the Vulnerability Disclose Toolkit here.