Cyber Weekly Digest - Week #39
This week in cyber security has seen a variety of stories including increased security measures for the US election, more ransomware attacks as well as a new COVID-19 phishing scam. Keep reading to find out about the biggest stories of the week.
In hopes to improve security for critical figures in the forthcoming US election, Twitter has automatically activated extra account protection for them. In June, Twitter became the victim of a significant hack, in which Joe Biden’s Twitter account was compromised. As a part of safeguarding the high-profile election-related accounts, Twitter is ensuring they use a strong password, enabled password reset protection, and encourages two-factor authentication.
UK business owners became the target of a phishing scam which was posing as HMRC. The scam is taking advantage of the UK government’s COVID-19 initiative which allowed businesses to defer VAT payments from March and June until March 2021. The phishing email was claiming that the recipient’s VAT deferral application was rejected. This shows that criminals are continuing to pray on those affected by the current pandemic; it does not look like these scams will be ending any time soon.
Another big ransomware story this week as eyewear giant Luxottica suffers an attack. The company’s portfolio includes brands such as Ray-Ban, Oakley, Chanel and Coach. An employee confirmed that Luxottica had suffered a ransomware attack which had affected the company worldwide and operations in Italy and China were shut down as a result of the attack.
Shopify recently had a data breach incident which was the result of an insider threat. Two support team employees were involved in a scheme to procure customer transactional records and sensitive data. The breach affected just under 200 Shopify merchants, although there is no evidence as to how the data was misused yet. The incident has highlighted the danger of insider threats, especially as they can be one of the hardest threats for companies to manage.
At the beginning of the week, 1,000 Belarusian high ranking police officers had names and personal details leaked by hackers in response to violent police crackdowns against anti-government protests. Hackers gave the data to Belarusian news agency Nexta which published the data and promised to release more data on "a massive scale.".