Cyber Weekly Digest - Week #18
Updated: May 7
This week’s digest covers stories from around the world, including threat actors warning they will expose Washington DC Police informants and a ransomware attack on the court system of the Brazilian state of Rio Grande do Sul. Keep reading to find out about the latest cyber security stories.
The Washington DC Police released a statement after the Babuk Locker gang claimed they had compromised DC Police’s networks and stolen 250GB of unencrypted files. The ransomware gang released screenshots of the allegedly stolen files; one of the files relates to the arrests following the January 6th protest, in which the Capitol Building was stormed. The gang has warned that DC Police have three days to contact them, or they will start contacting gangs to warn them of police informants. Babuk ransomware briefly posted a short message this week about their intention to quit the extortion business after achieving their goal.
A researcher has found that the credit scores of Americans are exposed due to an API tool used by the Experian credit bureau, left open on a lender site without security protection. The researcher found that he could access the credit scores with publicly available information such as name and date of birth. He was also able to build a command-line tool that automated lookups, which worked even after entering all zeros in the date of birth fields. Experian said it fixed the unprotected endpoint instance, but some researchers are concerned that other exposed Experian APIs might be out there, sitting unprotected.
The court system for the Brazilian state of Rio Grande do Sul suffered a ransomware attack this week. On Wednesday morning, employees suddenly found that all their documents and images were no longer accessible, and ransom notes had appeared on their Windows desktops. The REvil group are responsible and have demanded a $5,000,000 ransom to decrypt files and not leak data.
In January, Emotet, the world’s most dangerous botnet, was taken down by law enforcement across the globe. Emotet was responsible for distributing ransomware, banking trojans and other threats through phishing and malware-laden spam. Since then, law enforcement have released an update to the botnet designed to erase the malware from all infected machines globally and have been able to collect 4.3 million email addresses from the Emotet servers. The email addresses have been passed on to “Have I Been Pwned” to help alert those affected.
This week Apple patched a zero-day bug that is being actively exploited by the number one threat to Macs, Shlayer. Researchers believe Shlayer has been using the bug since January. The vulnerability, tracked as CVE-2021-30657, allows an attacker to very easily craft a macOS payload that goes unchecked by the strict security features built into the OS specifically to keep malware out. Security researchers advise that macOS users update their systems immediately to avoid falling victim to any existing exploits for it.