Security News

Malicious actors can take advantage of "Insufficient" forensic visibility into Google Cloud Platform to exfiltrate sensitive data, a new research has found. "Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to allow any effective forensic investigation, making organizations blind to potential data exfiltration attacks," cloud incident response firm Mitiga said in a report.

It wasn't until February 28th that DISH finally confirmed that they suffered a ransomware attack, with multiple sources telling BleepingComputer that the Black Basta ransomware gang was responsible. Other ransomware attacks we learned more about this week include ones on the City of Oakland, the Indigo book store chain, Tennessee State University and Southeastern Louisiana University, and the Clop data theft at Hatch Bank.

CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education. In response, the FBI and CISA shared indicators of compromise and a list of tactics, techniques, and procedures linked, which would help defenders detect and block attempts to deploy Royal ransomware payloads on their networks.

The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.

SCSW Back in 2020, Eric Scales led the incident response team investigating a nation-state hack that compromised his company's servers along with those at federal agencies and tech giants including Microsoft and Intel. "It was similar to a fraternity rush - the best experience I never want to do again," Scales, head of incident response at Mandiant, told The Register.

American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. At the time, Chick-fil-A set up a support page with information on what customers should do if they detect suspicious activity on their accounts.

Less than a year after its online greetings card subsidiary Funky Pigeon was attacked, WH Smith has admitted someone broke into its systems. WH Smith said the attack had "Resulted" in illegal access to some company data, including on current and former employees.

Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input.

According to the cyber intelligence report from Agari, hybrid phishing attacks have increased by 625%. One of the most damaging is callback phishing - also often known as a TOAD. First appearing in the wild in March 2021 as BazarCall, the attacks were mounted to install ransomware on corporate networks. Low levels of cybersecurity awareness can be the root cause of successful cyberattacks, especially attacks such as Callback phishing.

Satellite broadcast provider and TV giant Dish Network has finally confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday.As BleepingComputer reported, this widespread outage hit Dish.com, the Dish Anywhere app, Boost Mobile, and other websites and networks owned and operated by Dish Network.