The Week In Review 30/11 – 04/12
As the year comes to an end Dionach’s Week In Review begins. Indifferent to previous weeks, the news has been dominated by COVID-19 headlines although with the addition of some positive news with regulators approving Pfizer’s vaccine for use in the UK. However, no sooner than the vaccination news was published major concerns were announced by IBM Security X-Force who discovered a global sophisticated phishing attack likely targeted at organisations associated with The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) Program. The adversary began the operation back in September 2020 initiated with a widespread spear phishing campaign looking to attain credentials of people working closely with the CCEOP in their efforts to distribute the vaccine around the world. Another blow was delivered to the developers of the GO SMS Pro app, widely adopted by android users, when it was revealed that despite previous concerns around data leaks, patches and updates implemented by developers had not sufficiently addressed the flaw. Users and privacy advocacy groups have called for the app’s removal from Google’s Play Store.
Remember Magecart? The hacking group was responsible for large scale card-skimming attacks on companies such as Ticketmaster in 2018 resulting in hefty fines for all concerned under new GDPR regulations. 2020 sees the return of the group in a new, larger scale, card-skimming hack affecting up to 2000 online stores, including details of tens of thousands of customers from just one site. Additionally, as crypto enthusiasts celebrate bitcoin reaching all new highs the cryptocurrency’s publicity and emphasis on privacy remains conflicted. Compal, the worlds second largest laptop manufacturer, is the latest big name falling victim to ransomware attacks with the hackers demanding a sum of $17m worth of bitcoin paid to various wallet addresses. Other global brands suffering similar attacks this year include Canon and toy maker Mattel.
Find out how to protect your business from ransomware attacks with Dionach’s Ransomware Readiness Review.
Read about all of this and more below:
IBM uncovers global phishing campaign targeting COVID vaccine
(securityintelligence.com)
Magecart attack targets PayPal transactions at checkout
(threatpost.com)
Study reveals largest data theft target in the world
(cybersecurity-insiders.com)
Australia’s cyber security spend to hit $7.6bn by 2024
(itwire.com)
GO SMS Pro app still leaking data
(threatpost.com)
Compal falls victim to $17m ransomware attack
(computing.co.uk)
Spotify pop star hacks
(threatpost.com)
