Weekly Breach Report – October 19th

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Microsoft

Microsoft used a legal attack to disrupt Trickbot, a malware-as-a-service botnet, based on a claim that the botnet abused the software company’s trademarks. Krebs on Security: https://krebsonsecurity.com/2020/10/microsoft-uses-copyright-law-to-disrupt-trickbot-botnet/

Iran

Iran’s cybersecurity authority acknowledged two cyberattacks on government departments this week. The Washington Post: https://www.washingtonpost.com/world/middle_east/iran-acknowledges-cyberattacks-on-government-departments/2020/10/15/de9beb88-0ecf-11eb-b404-8d1e675ec701_story.html

New DDoS campaign

An unknown hacking group, posing as the Lazarus and Fancy Bear APT groups, is threatening organizations with DDoS attacks unless they pay a ransom. Computing: https://www.computing.co.uk/news/4021744/hackers-posing-ddos-attacks

FIN11

Researchers have identified a new hacking group, known as FIN11, that is hacking and extorting pharmaceutical and healthcare companies during the COVID-19 pandemic. Cyberscoop: https://www.cyberscoop.com/fin11-ransomware-pharma-fireeye-cybercrime/

Silent Librarian group

This Iranian advanced-persistent-threat group is targeting schools and universities around the world with spear-phishing attacks. HackRead: https://www.hackread.com/iranian-apt-group-schools-colleges-in-global-spear-phishing-attacks/

Windows “Ping of Death”

SophosLabs, a cybersecurity firm, is urging Windows 10 users to patch their systems because of a bug in the TCPIP.SYS kernel driver. Naked Security:https://nakedsecurity.sophos.com/2020/10/14/windows-ping-of-death-bug-revealed-patch-now/

State of Colorado

Thirty thousand State of Colorado employees may be impacted by a data breach that exposed personal information such as Social Security numbers. CBS Denver: https://denver.cbslocal.com/2020/10/14/data-breach-colorado-state-employees-colleges/

London Borough of Hackney

This U.K. city council was hit by a cyberattack that disrupted many of its online services. Bleeping Computer: https://www.bleepingcomputer.com/news/security/london-borough-of-hackney-suffers-serious-cyberattack/

Barnes & Noble

Barnes & Noble confirmed a cyberattack that impacted Nook services and possibly exposed customer data. ZDNet: https://www.zdnet.com/article/barnes-noble-confirms-cyberattack-customer-data-breach/

British Airways

British Airways was fined a record £20m for a data breach in 2018 — less than the £183m it was initially fined, in part because of its dire COVID-related financial situation. The Guardian: https://www.theguardian.com/business/2020/oct/16/ba-fined-record-20m-for-customer-data-breach

Bluetooth bug in Linux

Google and Intel are warning users of a high-severity Bluetooth bug in the Linux Kernel that could enable code execution by attackers within Bluetooth range. Arstechnica: https://arstechnica.com/information-technology/2020/10/google-and-intel-warn-of-high-severity-bluetooth-security-bug-in-linux/

Fairfax County Public Schools

A cyberattack on Fairfax County Public Schools in Virginia resulted in student and teacher personal information leaked on the dark web. Local DVM: https://www.localdvm.com/news/virginia/fcps-announces-student-teacher-personal-information-leaked-to-the-dark-web-after-cyber-attack/

WisePay

This school-payments company alerted parents who recently made payments to U.K. schools that their credit card details were compromised in a hack of the WisePay website. The Fintech Times: https://thefintechtimes.com/school-payments-service-wisepay-comes-under-cyber-attack/

Seyfarth Shaw

This Chicago-based international law firm confirmed that a ransomware attack impacted its IT systems. Above the Law: https://abovethelaw.com/2020/10/global-biglaw-firm-hit-by-aggressive-ransomware-attack/

Intcomex

This Miami-based tech company suffered a significant data breach in which a terabyte of its users’ data was leaked. Security Magazine: https://www.securitymagazine.com/articles/93576-miami-tech-company-intcomex-suffers-major-data-breach

Dickey’s BBQ

Researchers have linked 3m compromised payment cards found on the dark web to U.S. restaurant franchise Dickey’s Barbeque Pit. Threatpost: https://threatpost.com/dickeys-bbq-breach-jokers-stash/160211/

Manitoba hack

Hackers stole almost $450,000 in a cyberattack on a bank account belonging to a Manitoba, Canada municipality. CTV News: https://winnipeg.ctvnews.ca/nearly-450k-stolen-from-manitoba-municipality-in-cyber-attack-1.5146916

Like the report? Sign up below and get it in your inbox.