Hello and welcome back to our blog. Here's what's happening in cybersecurity.
Denmark's defence ministry was hit by a cyberattack on Thursday. The incident cut off access to its websites, although it had no impact on its operations.
Apple introduced Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes, and more.
Rackspace has confirmed that a ransomware attack is responsible for a widespread outage crippling email services for thousands of people.
Chinese hackers stole millions of dollars worth of U.S. COVID relief funds.
A teaching hospital in the suburbs of Paris is the victim of a ransomware attack, forcing it to transfer patients to other healthcare facilities.
Nearly 500 Million WhatsApp records may have been snapped up in a new data leak.
That's a wrap for this week. Thanks for stopping by our blog!
Top Global Security News
Reuters (December 8, 2022) Danish defence ministry says its websites hit by cyberattack
Denmark's defence ministry was hit by a cyberattack on Thursday that had cut off access to its websites, although it had no impact on its operations, the ministry said on Twitter.
The websites were hit by so-called distributed denials of service (DDoS), which direct a firehose of traffic towards targeted servers in a bid to knock them offline, the ministry said.
"Currently, there is no knowledge of other impacts than the lack of access to web portals – there are thus no operational consequences for the defence," it said on Twitter.
Bleeping Computer (December 7, 2022) Apple rolls out end-to-end encryption for iCloud backups
Apple introduced today Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes, and more.
For customers who choose to enable this new security feature, Advanced Data Protection is designed to safeguard "most iCloud data even in the case of a data breach in the cloud" by ensuring that encrypted cloud data can only be decrypted on the users' trusted devices.
Those who opt-in will first be prompted to choose an alternate recovery method (the device passcode or password, a recovery contact, or a personal recovery key) required if they lose access to their Apple account. This is needed because Apple will not have the decryption keys to recover the data.
The Record (December 6, 2022) Rackspace says ransomware attack caused outage
Cloud computing giant Rackspace confirmed on Tuesday that a ransomware attack caused a widespread outage that crippled email services for thousands of people.
Since Friday, the company has been dealing with an outage that took down the Microsoft Outlook Web App for thousands of customers and caused other downstream issues. The company runs a lucrative business centered on hosting Microsoft Exchange infrastructure, which offers customers Microsoft email, calendar, and contact software.
The company said on Tuesday that a ransomware attack affected their Hosted Exchange environment, which is the root cause of the service disruption.
Reuters (December 6, 2022) Chinese hackers stole millions worth of U.S. COVID relief money, Secret Service says
Chinese hackers have stolen tens of millions of dollars worth of U.S. COVID relief benefits since 2020, the Secret Service said on Monday.
The Secret Service declined to provide any additional details but confirmed a report by NBC News that said the Chinese hacking team that is reportedly responsible is known within the security research community as APT41 or Winnti.
Several members of the hacking group were indicted in 2019 and 2020 by the U.S. Justice Department for spying on over 100 companies, including software development companies, telecommunications providers, social media firms, and video game developers.
Bleeping Computer (December 5, 2022) Ransomware attack forces French hospital to transfer patients
The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that occurred on Saturday evening.
According to Richard Delepierre, the co-chairman of the hospital's supervisory board, the attackers behind this ransomware incident have already demanded a ransom.
Currently, the hospital only accepts walk-ins and consultations as it had to partially cancel operations. It was also forced to transfer six patients from its neonatal and intensive care units to other healthcare facilities, according to France's Minister of Health and Prevention François Braun.
CPO News (December 5, 2022) Nearly 500 Million WhatsApp Records Allegedly Stolen in Data Leak, Offered on Dark Web for a Few Thousand Dollars
The world’s most commonly used messaging app may have suffered a data leak impacting about 487 million of its users, if a dark web posting is to be believed.
The threat actor is offering the information for a relatively low cost, dividing it up by country of origin and offering each package for prices in the range of several thousand dollars. It remains to be seen if the entire collection is legitimate, but samples provided by the hackers have been verified by security researchers. If the full data leak is legitimate, it would impact about a quarter of WhatsApp’s global user base.
Other Top Security News