GlobalSign Blog

Cybersecurity News Round-Up: Week of June 20, 2022

Cybersecurity News Round-Up: Week of June 20, 2022

Hello,

We took a break for a few weeks, but now our blog is back. Here's the latest in the most impactful stories in cybersecurity.

Let's begin in Germany, where the country's Green party announced it is the victim of a recent cyberattack that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck. The cyber attack was first reported last Saturday by German weekly Der Spiegel. While the number of email accounts actually impacted was very small - just 14 - party leaders Ricarda Lang and Omid Nouripour were among those compromised in such a way that some emails were forwarded to addresses outside the party.

In the UK, Logistics giant Yodel has also been impacted by what they call a cyber “incident”, which caused service disruption earlier in the week. The UK delivery company posted an update to its site saying: “We are working to restore our operations as quickly as possible but for now, order tracking remains unavailable and parcels may arrive later than expected.” Although the firm doesn’t hold any customer payment information, it is currently investigating whether any other personally identifiable information (PII) has been taken.

Elsewhere in Europe, Europol announced on Tuesday that police have dismantled a cybercrime group that made millions of euros through phishing and other types of schemes. The law enforcement operation was conducted by police in Belgium and the Netherlands, with support from Europol. The Dutch police arrested nine individuals — eight men and one woman, aged between 25 and 36 — and searched 24 houses in the country. According to police, the suspects were involved in phishing and other internet scams that helped them make millions of euros.

Then in India, logistics provider Grab is denying claims spread by a Malaysian hacktivist group that it fell victim to the group's hacking attack. DragonForce Malaysia says it stole details of Grab delivery personnel. They announced it via social media, and shared a spreadsheet containing names and other data. A Grab spokesperson told Information Security Media Group the spreadsheet contains referrals for motorcycle delivery drivers originating from a third-party vendor, and that it appears none of Grab's systems were directly targeted. 

Here in the U.S., Microsoft and Outlook customers have been the target of a voicemail-themed phishing campaign hitting specific industry verticals across the country. According to analysis from Zscaler's ThreatLabz, a highly targeted offensive began in May, aiming at specific verticals, including software security, the US military, security-solution providers, healthcare/pharmaceuticals and the manufacturing supply chain. 

On Tuesday, President Biden signed three bills into law, two of which focus on improving government cybersecurity. Bill S. 1097, titled the Federal Rotational Cyber Workforce Program Act of 2021, establishes an employee rotational program within the Federal Cyber Workforce. The law establishes that "certain federal employees may be detailed among rotational cyber workforce positions at other agencies" and authorizes agencies to determine which employees are eligible for the program. Bill S. 2520, titled the State and Local Government Cybersecurity Act of 2021, will require the Department of Homeland Security to increase collaboration among state, local, tribal and territorial government entities along with "corporations, associations, and the general public, regarding cybersecurity."

Also this week, major U.S. lender Flagstar Bank announced a security comprise that took place last year. A statement issued from Maine's Attorney General explained that Flagstar was impacted between April and December 2021. The bank estimates that at least the names and social security numbers of more than 1.5 million of its customers were stolen from its computers in December. According to BankInfoSecurity, an unidentified threat actor gained unauthorized access to the bank's systems sometime around last December 4th or December 5th. It wasn't until June 2, following "an extensive forensic investigation and manual document review," that bank officials discovered the breach.

That's all for this week. Thanks for stopping by our blog. 

Amy 

Top Global Security News 

Security Week (June 22, 2022) Belgian, Dutch Police Dismantle Cybercrime Group

Europol announced on Tuesday that police have dismantled a cybercrime group that made millions of euros through phishing and other types of schemes. 

The law enforcement operation was conducted by police in Belgium and the Netherlands, with support from Europol. The Dutch police arrested nine individuals — eight men and one woman, aged between 25 and 36 — and searched 24 houses in the country. 

Police have seized firearms, electronics, jewelry, cash and cryptocurrency from the suspects. The investigation was initiated by Belgian authorities and the individuals arrested in the Netherlands will be handed over to Belgium.
According to police, the suspects were involved in phishing and other internet scams that helped them make millions of euros.

READ MORE

InfoSecurity (June 22, 2022) Yodel Cyber Incident Disrupts UK Deliveries

Logistics giant Yodel has confirmed it is experiencing a cyber “incident” which is causing service disruption.

The UK delivery company posted an update to its site saying: “We are working to restore our operations as quickly as possible but for now, order tracking remains unavailable and parcels may arrive later than expected.” 

Although the firm doesn’t hold any customer payment information, it is currently investigating whether any other personally identifiable information (PII) has been taken.

READ MORE 

Dark Reading (June 22, 2022) Microsoft 365 Users in US Face Raging Spate of Attacks

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes. 

Microsoft 365 and Outlook customers in the US are in the crosshairs of a successful credential-stealing campaign that uses voicemail-themed emails as phishing lures. The flood of malicious emails anchoring the threat is emblematic of the larger problem of securing Microsoft 365 environments, researchers say. 

According to an analysis from Zscaler's ThreatLabz, a highly targeted offensive has been ongoing since May, aiming at specific verticals, including software security, the US military, security-solution providers, healthcare/pharmaceuticals, and the manufacturing supply chain. 

READ MORE 

CNET (June 21, 2022) Biden Signs Two Bills to Enhance Government Cybersecurity

President Joe Biden signed three bills into new law Tuesday, two of which focus on beefing up government cybersecurity, according to a White House press release. 

Bill S. 1097, titled the Federal Rotational Cyber Workforce Program Act of 2021, establishes an employee rotational program within the Federal Cyber Workforce. The workforce is a "diverse group of practitioners who govern, design, defend, analyze, administer, operate, and maintain our nation's data, systems and networks," according to the CIO Council. 

The law establishes that "certain federal employees may be detailed among rotational cyber workforce positions at other agencies" and authorizes agencies to determine which employees are eligible for the program. 

READ MORE

The Register (June 21, 2022) Info on 1.5m people stolen from US bank in cyberattack

A US bank has said at least the names and social security numbers of more than 1.5 million of its customers were stolen from its computers in December.

In a statement to the office of Maine's Attorney General this month, Flagstar Bank said it was compromised between December and April 2021. The organization's sysadmins, however, said they hadn't fully figured out whose data had been stolen, and what had been taken, until now. On June 2, they concluded criminals "accessed and/or acquired" files containing personal information on 1,547,169 people.

"Flagstar experienced a cyber incident that involved unauthorized access to our network," the bank said in a statement emailed to The Register.

READ MORE 

BankInfoSecurity (June 21, 2022) India-Based Grab Denies Cyberattack Claim by Malaysia's DragonForce

Indian hyperlocal logistics provider Grab is denying claims spread by a Malaysian hacktivist group that it fell victim to a hacking attack.

Hacktivist group DragonForce Malaysia says it stole details of Grab delivery personnel, posting last Saturday on social media platforms Twitter and Telegram a spreadsheet containing names and other data.

A Grab spokesperson tells Information Security Media Group the spreadsheet contains referrals for motorcycle delivery drivers originating from a third-party vendor. No Grab systems were directly targeted, the company says.

READ MORE 

ABC News (June 18, 2022) Germany's Green party says email system hit by cyberattack

The German Green party, which is part of the country's governing coalition, says its IT system was hit by a cyberattack last month that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck.

The party confirmed a report Saturday by German weekly Der Spiegel, but said the two hadn't actively used their party accounts since January.

A total of 14 accounts — including those of party leaders Ricarda Lang and Omid Nouripour — were compromised in such a way that some emails were forwarded to addresses outside the party, the Greens said. 

READ MORE 

Other Thought-Provoking Stories

Icefall: 56 flaws impact thousands of exposed industrial devices - Bleeping Computer 

Capital One Attacker Exploited Misconfigured AWS Databases - Dark Reading 

False Air Raid Sirens in Israel Possibly Triggered by Iranian Cyberattack - SecurityWeek 

Latin America governments are prime targets for ransomware due to lack of resources, analysis argues - CyberScoop

Canada's Desjardins Settles Data Breach Lawsuit for $155M - BankInfoSecurity 

Illinois man behind DDoS attack service given 2-year prison sentence - The Record

Jacuzzi customer details could be exposed by SmartTub web bugs, claims researcher - Portswigger 

2 Texas Hospitals Infected With Malicious Code May Face PHI Exposure - HealthITSecurity 

Department of Energy rethinks cyber resilience in strategy to secure the grid - Cybersecurity Dive 

Voicemail phishing emails steal Microsoft credentials - The Register  

Inside a large-scale phishing campaign targeting millions of Facebook users - HelpNetSecurity 

Share this Post

Recent Blogs

  • Resolving the Conflict Between Availability and Security in IT

    Aug 18, 2022

    Operations teams have availability as a priority, whereas security teams are solely focused on creating a secure environment. As a result, there is often conflict between operations and security. Explore how to resolve the conflict.

  • 10 Tips for Hiring and Retaining IT Employees

    Aug 17, 2022

    As the saying goes, "people are your most important asset." This is especially true in the field of information technology (IT), where a company's ability to hire and retain top talent can be the difference between success and failure. Here are 10 ways companies can hire and retain top IT talent.

  • Cybersecurity News Round-Up: Week of August 8, 2022

    Aug 12, 2022

    The UK feeling pained following a ransomware attack on the NHS, 18 tech & cyber companies launch new security standard for sharing cybersecurity information