Cyber Weekly Digest - Week #19
In this week's Digest, find out about the largest DDoS attack seen in Belgium and how a vulnerable Dell driver has been pushed to hundreds of millions of Dell computers over the past 12 years. Keep reading to get all the information you need about the biggest cyber security stories from across the world.
On Tuesday, Belgium experienced the largest Distributed Denial of Service attack the country has seen. Internet access was cut off to numerous government, public, educational and scientific agencies, including the Belgium Parliament. It is believed that around 200 institutions were affected. Although service was later restored, some customers are still unable to connect to online services. There is no sign that the attacker infiltrated the network of any of the institutions affected.
This week, researchers found a new cryptocurrency stealer variant called PandaStealer, targeting individuals in the US, Australia, Japan and Germany. The malware begins its infection chain through phishing emails, and samples uploaded to VirusTotal also indicate that victims have been downloading executables from malicious websites via Discord links. The phishing emails, which include malicious Excel files, trick victims into believing they are business quote requests. Over the past few months, an increasing number of attackers have been using Discord to target individuals.
Earlier this week, healthcare giant Scripps Health suffered a ransomware attack that disrupted service. Many patients had to be redirected to other hospitals. Day-to-day activities were also interrupted, and staff had to revert to manual processes and paper records because the electronic records were disrupted. Hospitals and healthcare institutions have become a top target for attackers in the past year because their critical role means ransom demands are more likely to be paid.
Researchers have estimated that hundreds of millions of Dell computer devices contain a driver with multiple vulnerabilities that could lead to increased privileges on the system. The driver, which has been pushed for 12 years, includes a collection of five flaws, tracked as CVE-2021-21551. Of the five separate flaws, most lead to privilege escalation, and one is a code logic issue that leads to denial of service. Read more of SentinelOne's research here.
In December 2020, the USAGM fell for a phishing attack that allowed attackers to access an agency email account that contained the personal information of current and former employees. The exposed data includes full names and Social Security numbers of employees and possibly their beneficiaries and dependents. The affected employees were informed and offered a one-year subscription to Experian IdentityWorks four months after the attackers accessed the data. The long delay means the attacker could have performed further phishing attacks and identity theft on those affected.
Get your Free Password Exposure Test!
Yesterday was World Password Day. To help you identify if any of your users' passwords are at risk, sign up for your free password exposure test.