NSW Health Data Breach: Payroll Information of Over 1,600 Staff Affected! NSW Health has recently confirmed that it has become the latest organisation to suffer a data breach in the Frontier Software cyber-attack at the end of 2021. According to an FAQ posted on its website, the breach has impacted staff or former staff who were employed by the Ministry of Health, as a senior executive...
Read More
Cybercriminals are increasingly turning to stolen credentials as a valuable commodity on the underground market. According to a report by cybersecurity firm Flashpoint, last year saw 4,518 data breaches reported, with attackers stealing or exposing 22.62 billion credentials and personal records. Over 60% of these were stolen from organizations in the information sector. Flashpoint's database of threat intelligence includes 575 million posts on illegal forums, 3.6...
Read More
Six Law Firms Targeted in GootLoader and SocGholish Malware Campaigns Mar 01, 2023 - In January and February 2023, six different law firms were targeted in two separate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader is a first-stage downloader that is capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It employs search engine optimization (SEO)...
Read More
On February 23, 2023, multiple threat actors have been observed exploiting a critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023. Tracked as CVE-2022-47966 (CVSS score: 9.8), the remote code execution flaw allows a complete takeover of the susceptible systems by unauthenticated attackers. Martin Zugec of Bitdefender's cybersecurity firm revealed in a technical advisory that the vulnerability "allows unauthenticated remote code execution due...
Read More
Sandworm Targets Ukraine and its Supporters In the last months of 2022, Russian Advanced Persistent Threat (APT) group Sandworm continued its data wiping attacks against Ukrainian organizations, but expanded its efforts to organizations from countries that are strong supporters of Ukraine, such as Poland, according to a new report by cybersecurity firm ESET. Sandworm is believed to operate as a unit inside Russia's military intelligence agency,...
Read More
The need for organisations to guard against the dangers of ransomware is not new, yet never has the threat to data been so pervasive as in 2022. In addition to the perpetually ongoing growth in the scale and sophistication of the capabilities which threat actors possess, there’s been the requirement for businesses to rapidly shift to work-from-home models since the outbreak of the Covid-19 pandemic –...
Read More
Despite a recent decline in attacks, ransomware still poses significant threats to enterprises, as the attacks against healthcare organizations demonstrated this month. It is also becoming more capable. In particular, ransomware writers are aware that backups are an effective defense and are modifying their malware to track down and eliminate the backups. Ransomware targeting backups Ransomware will now delete any backups it happens to come across along...
Read More