Cyber Weekly Digest - Week #46

In this week’s Cyber Weekly Digest, we look at the latest DDoS attack to hit another VoIP provider and threat actors who were able to remain undetected on an Australian water supplier’s servers for nine months. Keep reading to stay up to date on the latest cyber security stories from the week.

1. Robinhood suffers a data breach affecting 7 million customers.

This week, stock trading platform Robinhood disclosed a data breach after its systems were attacked, allowing threat actors to access the personal information of 7 million customers. The threat actor was able to access personal information through social engineering: the attacker called a customer support employee and was able to gain access to the customer support systems. Robinhood also received an extortion demand after learning about the attack. Robinhood does not believe that any social security numbers, bank account numbers or debit card numbers were exposed in the attack. Robinhood has warned customers and provided suggestions for those concerned about the safety of their accounts.

2. Another VoIP provider suffers a DDoS attack causing worldwide outages.

Telnyx is the latest VoIP telephony provider to be targeted by a Distributed Denial of Service (DDoS) attack. At the beginning of the week, Telnyx was targeted by an attack causing all telephony services to fail or be delayed. This year, VoIP providers have been increasingly targeted with DDoS extortion attacks such as and Bandwidth, both being targets in September this year. Since the attack, Telnyx has moved its EMEA and APAC services behind Cloudflare.

3. Palo Alto Networks has disclosed a zero-day vulnerability in firewalls using GlobalProtect Portal VPN.

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that an unauthenticated network-based attacker could abuse to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064, the vulnerability has a critical CVSS score of 9.8 and impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. The technical details related to CVE-2021-3064 have been withheld for 30 days to prevent threat actors from abusing the vulnerability to stage real-world attacks.