Cyber Weekly Digest - Week #47
Take a look at this week's cyber weekly digest to keep up to date on the biggest and latest cyber security stories. In this digest we will dive into new tactics used by ransomware attackers, new Zoom security features as well as why Trump has fired the director of CISA.
It has been two weeks since the US election and Chris Krebs, the director of CISA, stated that the 2020 election was the "most secure in American history". There was a lot of concerns for election security in the run-up to the date, and current President Trump has made his views on the election security loud and clear after he lost to Biden. It has since been confirmed that Krebs was terminated on Tuesday via a tweet from the White House, where Trump claimed that Krebs' statement on the 2020 election was "highly inaccurate" and in fact "there were massive improprieties and fraud".
This week a video has been released which shows a tactic used by Egregor ransomware attackers. The tactic involves bombarding the victim's printers with ransom notes; in the video, the printer can be seen to be printing the same ransom note, which is created on computers. The tactic is used not only to put pressure on the victim to pay the ransom, but also to bring public awareness to the attack so that the company's reputation also takes a hit.
Zoom has added the "at-risk meeting notifier" feature which runs on Zoom's backend servers and works by continuously scanning public posts on social media and other public sites for Zoom meeting links. When the notifier finds a Zoom meeting URL, it automatically sends an email to the conference organizers with a warning that other people may be able to access their room and possibly disrupt their meeting.
At the beginning of the week, it was revealed that Ticketmaster UK had been fined £1.25 million for the breach of personal information and payment details which had potentially been stolen from more than nine million customers in Europe in 2018. The breach was the result of a vulnerability in their third-party chatbot, which allowed an attacker to access customer payment details. Following the breach 60,000, Barclays bank customers were victims of fraud along with Monzo, American Express and Mastercard customers. Ticketmaster is appealing against the ruling.
Another hit on the Covid-19 vaccine, this time on the US cold storage firm Americold which operates temperature-controlled warehouses and transportation which are being used to support vaccines developed by Pfizer and BioNTech for the virus. The cyber-attack is believed to have been the result of a ransomware attack as the firm revealed its IT network had been hit on Monday. One truck driver tweeted that he was unable to be assigned a job due to Americold's systems being down.
One week to go! Don't forget to register for our upcoming webinar with SentinelOne "When Ransomware Hits: How to Minimise your Recovery Time." On November 26th at 11:00 GMT.