Hello and welcome back to the GlobalSign blog! Here's what's been happening in cybersecurity.
Business and tech news publisher Fast Company remains offline following a cyberattack on Tuesday evening. The company decided to block access due to "offensive messages" to readers via its Apple News feed. According to Bleeping Computer, the first sign of a breach "occurred on Sunday afternoon when the site's home page began filling up with stories titled "Hacked by Vinny Troia. [redacted] tongue my [redacted]. Thrax was here.' " The story continues that "Members of the Breached hacking community, and the now shut down RaidForums, have a long-standing feud with security researcher Vinny Troia where they commonly deface websites and perform hacks, which they blame on the researcher."
Meta, which operates Facebook and Instagram, this week revealed it took down "an extensive network of Facebook and Instagram accounts" promoting disinformation. That disinformation was published on more than 60 websites that spoofed multiple legitimate news sites across Europe including Germany, France, Italy, Ukraine, and the U.K. The effort to remove the disinformation began in May.
TikTok could be on the hook for £27m following news that the UK's Information Commissioner's Office (ICO) is none too pleased about breaches of the country's data protection laws between 2018 and 2020. The most concerning of the ICO findings is that the Chinese social networking giant may have processed the data of children under the age of 13 without “appropriate” parental consent.
Chile's judicial system was forced to take 150 computers offline earlier this week to stop the spread of the Cryptolocker Trojan virus, which maliciously encrypts files. However authorities there have stressed that court proceedings were mostly unaffected. The Cryptolocker Trojan was injected into its network after a phishing email was opened on Sunday night.
There was a massive attack last week in Australia at communications giant Optus. A week later, the hacker responsible has removed a customer database from the web. The user 'Optusdata' claimed responsibility for the attack on Tuesday, but also announced they deleted the only copy of the stolen data. The hacker also claims they will not sell the data to anyone and apologized to the 10,000 people whose data was leaked.
A class action lawsuit against electronics giant Samsung was recently filed over two data breaches the company has suffered this year. Two users filed a 43-page complaint with the Federal District Court for the Northern District of California. The lawsuit, which was filed on September 10th, claims the user data Samsung collected was unnecessary and was sold without the proper security protections in place, and because of that, a data breach was the end result.
Nearly two months after the massive cyber attack at the UK's National Health Service (NHS) began, the impact of the incident continues. There are still disruptions for appointment check-ins, medical notes and more.
That's a wrap for this week. Catch you next week for the latest in cybersecurity news!
Top Global Security News
Bleeping Computer (September 28, 2022) Hacker shares how they allegedly breached Fast Company’s site
Fast Company took its website offline after it was hacked to display stories and push out Apple News notifications containing obscene and racist comments. Today, the hacker shared how they allegedly breached the site.
The site today shows a statement from the company confirming they were hacked on Sunday afternoon, followed by an additional hack on Tuesday evening that allowed threat actors to push out racist notifications to mobile devices via Apple News.
"Company's content management system was hacked on Tuesday evening. As a result, two obscene and racist push notifications were sent to our followers in Apple News about a minute apart," reads a statement on Fast Company's website.
InfoSecurity (September 27, 2022) Alleged Optus Hacker Apologizes, Deletes Customers' Exposed Data
The hacker behind last week's Optus data breach seems to have taken down the database containing customers' released information.
A user going by 'optusdata' and posting on BreachForums claimed responsibility for the attack earlier today and said they had deleted the only copy of the stolen data.
"Too many eyes. We will not [sell] data to anyone. We can't if we even want to: personally deleted data from drive (Only copy)."
However, the alleged hacker also apologized to 10,000 Australian individuals whose data had been leaked.
BBC (September 27, 2022) Oxford Health: Cyber attack continues to hit NHS trust's services
A cyber attack on NHS systems spotted nearly two months ago is still "compromising" the quality of care trusts can provide, a health boss said. Software used for check-ins, notes and the NHS 111 service was affected by the ransomware attack found on 4 August.
The chief executive of Oxford Health Foundation Trust (OH), Nick Broughton, said it has done all it can to maintain services despite the disruption.
Software provider Advanced said disruption could continue for weeks.
The trust said it initiated an internal critical incident in early August with a full emergency response.
Databreach Today (September 27, 2022) Chilean Court System Hit With Ransomware Attack
The Chilean judicial system yanked 150 computers offline to stop the spread of a virus that maliciously encrypts files even as authorities stressed that court proceedings were mostly unaffected.
The event is the latest cyber disruption affecting the South American country. The nation's consumer protection agency was hit by a ransomware attack that started on Aug. 25 (see: Chile Consumer Protection Agency Hit by Ransomware Attack) and just days ago, hundreds of thousands of emails hacked from the military's Joint Chiefs of Staff were published online.
The judicial system on Monday attributed the spread of the Cryptolocker Trojan inside its network to a phishing email opened on Sunday night. It affected computers operating Windows 7 and loaded with McAfee antivirus, reaching just 1% of court system computers, said court administration official Zvonimir Koporcic. "We are changing the antivirus," he said.
Bleeping Computer (September 27, 2022) Meta dismantles massive Russian network spoofing Western news sites
Meta says it took down an extensive network of Facebook and Instagram accounts pushing disinformation published on more than 60 websites that spoofed multiple legitimate news sites across Europe.
This influence network mainly targeted Germany, France, Italy, Ukraine, and the U.K., with original articles arguing that Western sanctions on Russia would backfire and criticizing Ukraine and Ukrainian refugees.
"The operation began in May of this year and centered around a sprawling network of over 60 websites carefully impersonating legitimate websites of news organizations in Europe," said Meta's Global Threat Intelligence Lead Ben Nimmo and Threat Disruption Director David Agranovich.
Security Week (September 27, 2022) Samsung Sued Over Recent Data Breaches
Represented by Clarkson Law Firm, two Samsung users have filed a class action lawsuit against the electronics manufacturer over the two data breaches the company has suffered in 2022.
The 43-page complaint filed with the Federal District Court for the Northern District of California claims that Samsung unnecessarily collected user data and then stored and sold it without proper security protections, which led to two back-to-back data breaches.
The lawsuit claims that Samsung intentionally disabled specific functions and features of its electronics products, including TVs and printers, and required users to submit personally identifiable information such as home addresses and dates of birth.
Infosecurity (September 27, 2022) TikTok Facing £27m UK Regulatory Fine
The UK’s privacy regulator has announced its intention to fine TikTok £27m over breaches of the country’s data protection laws. The Information Commissioner’s Office (ICO) issued the Chinese social networking giant with a “notice of intent” that explains it believes TikTok broke the law between 2018 and 2020.
The ICO's provisional findings indicate that TikTok may have:
Processed the data of children under the age of 13 without “appropriate” parental consent
Failed to provide information to users “in a concise, transparent and easily understood way”
Processed special category data – which includes ethnic and racial origin, genetic, health and biometric data, and more – without legal grounds to do so
Other Top Cybersecurity News
Meta Takes Down Russian "Smash-and-Grab" Disinformation Campaign - Infosecurity
Most organizations had a cloud-related security incident in the past year | Cybersecurity Dive
Energy, Finance and Telecoms Corporations Test Their Cyber Mettle - Wall Street Journal PRO (requires subscription)
IRS warns Americans of massive rise in SMS phishing attacks - Bleeping Computer
The Dire Warnings in the Lapsus$ Hacker Joyride - Wired
What the Securing Open Source Software Act does and what it misses - ZDNet
Paying the ransom is still the most common response to a ransomware attack - VM Blog
Hacktivist Attacks Show Ease of Hacking Industrial Control Systems - Security Week
Payment Systems - What’s on the horizon? - Lexology