The Week In Review 11/01-15/01

The Week In Review 11/01 – 15/01

2020 was a good year for SaaS, but perhaps not the SaaS you are thinking of. A Scam-as-a-Service operation, codenamed Classiscam, uncovered in Russia has been helping classified ads scammers take more than $6.5m from buyers across multiple continents. The scammers used an organised model, deployed across various sites listing items such as consoles and appliances. They would then interact with interested buyers through sophisticated telegram bots directing them to fake sites to make payment. Cyber security company Group-IB estimates that there were 5000+ scammers across 40 telegram chats at the end of 2020, with each group turning over $60,000 monthly. This is not the only instance of fraud catching headlines this week. A data leak of sensitive documents of over 12,000 construction workers was reported, including passport scans, national ID’s, birth certificates, tax returns and more. The target company was international staffing agency Nohow, who stored this sensitive information on an unsecured Microsoft Azure Blob, which has since been secured. With so many personally identifiable details being leaked of individuals there is serious concern about further scams involving identify theft, with passport or ID scan typically fetching about $15 on the dark web. A leak of 12,000 individuals can, therefore, be both seriously damaging and lucrative.

President of Microsoft, Brad Smith, has said this week that it is important that the cyber security and technology community, as a whole, work together to safeguard the assets and supply chain that “we are all responsible for protecting.” Speaking at CES2021, Smith reinforced his view that private companies should collaborate and partner to guide governments in terms of cyber security approach, policy, and adoption so that nation states, or indeed companies, cannot pursue supply chain disruption on the scale we saw in 2020. This vision of collaboration was at the core of his keynote, saying that “the only way to protect the future is to understand the threats of the present and that requires us to share data in new ways.” He explains that with so much data and threat intelligence existing in silos, it makes it almost impossible to detect threats such as the SolarWinds hack early. This speech comes at a time when the cyber security industry has faced higher levels of pressure through a significant increase in attacks amidst the COVID-19 pandemic. A study conducted by the Ponemon Institute found that the pandemic has increased hours and workloads in a profession that was already highly demanding, as a result many of the information security personnel surveyed indicate they are close to burn out. In addition to this, the remote aspect of working is seemingly straining cyber security outfits with more than half of SOC based employees saying it has had an impact on operations.  In an industry already rife with skill gaps, analysts experiencing burnout are beginning to leave their roles in droves as companies are fighting to both retain and attract talent into the organisation. 

A newly launched website launched website claims to be selling data stolen in the SolarWinds hack, marking a new milestone in the saga. Aptly named SolarLeaks, displays listings of items such as “Microsoft Windows (partial) source code” for $600,000. Prominent members of the cyber security community have differing opinions on whether this is legitimate with some suggesting it could be a misdirection to prevent attribution of the attack to any one group.

Ensure your company is equipped to deal quickly and effectively with any breach. Dionach provide industry leading Cyber Security Incident Response (CSIR) for organisations globally. 

Read about all of this and more below:

Cyber security teams are struggling with burnout

12,000+ workers have sensitive information leaked

SolarLeaks site springs up

Brad Smith calls for more collaboration and data sharing

IoT chastity belt victim of ransomware

Scam-as-a-Service brings in $6.5m

Bitdefender release free DarkSide ransomware decrypter

Find out how we can help with your cyber challenge

Please enter your contact details using the form below for a free, no obligation, quote and we will get back to you as soon as possible. Alternatively, you can email us directly at [email protected]

Related Posts


Dionach Achieves JOSCAR Registration

A Milestone in Aerospace, Defence, and Security Compliance We are thrilled to announce that Dionach is now a registered supplier on the defence portal JOSCAR, managed by Hellios. This significant achievement underscores our commitment to excellence and compliance in the aerospace, defence, and security sectors. Being JOSCAR registered not only reflects our dedication to maintaining […]

Dionach Joins the ADS Group

A New Chapter in Aerospace, Defence, and Space Innovation We are thrilled to announce that Dionach has been officially approved as a member of ADS, the UK’s premier Aerospace, Defence, and Space industry trade association! This prestigious certification underscores our commitment to excellence and innovation within these critical sectors. As an ADS member, we look […]

Dynamic Cybersecurity: Latest Trends and Updates

In today’s interconnected digital world, the field of cybersecurity is constantly evolving to keep up with emerging threats and vulnerabilities. Staying updated with the latest developments is crucial for individuals and organisations alike to protect their sensitive information from malicious actors. In this blog post, we will explore some of the most significant updates and […]
Contact Us

Contact Us React out to one of our cyber experts and we will arrange a call