Camel Secure Blog

Cyber Summary of the Week

Written by Camel Secure | 30-04-2021 9:00:00

At Camel Secure we want you to be informed. That is why we present this summary of the week's most important cybersecurity news.

CISA AND FBI WARN OF RUSSIAN CYBER THREATS

CISA, the United States Cybersecurity and Infrastructure Security Agency, with the FBI, warned of continued threats from Russian hackers.

Both agencies indicate that attackers continue to pose a threat to government networks, think tanks and private technology companies. Along with this, they noted that attackers use a wide variety of techniques and tools.

According to CISA and the FBI, Russian attackers "will continue to seek intelligence from US and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, along with trading stealth intrusion within the compromised networks."

Russia denies the allegations, which are directed primarily at its intelligence services, specifically the SVR.

This warning is part of an escalation of diplomatic disagreements between the two countries, which have included a series of mutual sanctions in recent weeks.

EMOTET MALWARE AUTOMATICALLY UNINSTALLED

On April 25, a large group of police and justice agencies in Europe and the United States carried out an operation to disrupt the Emotet botnet. The action, called Operation Ladybird, culminated in taking control of the attackers' infrastructure, which consisted of at least 700 servers.

To achieve the goal of cleaning infected systems around the world, the agencies released a 32-bit payload called "EmotetLoader.dll", which was automatically activated last Sunday, according to Malwarebytes researchers.

Marcin Kleczynski, executive director of Malwarebytes, indicated that despite the good intention behind this effort, the action must be complemented with the publication of the update on the open internet.

Countries participating in the operation include Germany, the Netherlands, the United States, the United Kingdom, France, Lithuania, Ukraine and Canada, as well as Europol and Eurojust.

DATA OF 20 MILLION CUSTOMERS OF INDIAN DELIVERY SERVICE EXPOSED

BigBasket, a popular grocery delivery service in India, was the victim of a security breach that culminated in the exposure of at least 20 million customer records in that country.

ShinyHunters, a well-known data trader, posted the information for free on a hacker forum.

The exfiltration of the information dates from before November 2020, when the incident was made public. The incident was also reported to the country's police and communicated to customers via social networks.

Among the data that were exposed by ShinyHunters were emails, addresses, passwords and cell phone numbers.

ShinyHunters reportedly tried to sell the information in previous months without success. This actor has also been behind the sale of other databases covering several hundred million users, from companies in different parts of the world such as Tokopedia (91 million records), TeeSpring, Minted (5 million), Chatbooks (15 million), Dave (7.5 million), Promo (22 million), Mathway (25 million) and Wattpad (270 million).