WEEK OF DECEMBER 20, 2021


Volvo hit by cyber theft of intellectual property

  • Swedish car maker says cybersecurity breach could have impact on operations.
  • Volvo, majority-owned by China’s Zhejiang Geely Holding Group, said the data had been stolen from an unnamed third party, which it said had contacted Volvo about the theft.
  • “Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion,” the car maker said in a statement, adding that based on information it had gathered “there may be an impact on the company’s operation.”

*Source

PM’s Twitter account briefly hacked

  • A tweet claiming India has “officially adopted bitcoin as legal tender” was posted from the account.
  • Twitter said it took steps to secure the account as soon as it became aware of the issue, and added that, according to the company’s investigation, this was not due to a compromise of its systems or service.
  • The U.S.-headquartered microblogging site added that, based on its investigation to date, the account does not appear to have been compromised through any breach of Twitter’s systems.

*Source

Fretting about data security, China’s government expands its use of ‘golden shares’

  • Authorities are now also keen to have some control over vast troves of data owned by certain companies, the sources said, adding that the data is seen as a national asset at risk of attack and misuse, including by foreign states.
  • The Chinese government has been expanding its practice of taking minority stakes in private companies beyond those specialising in online news and content, to firms possessing large amounts of key data, two people with knowledge of the matter said.
  • It has made a de facto special management stake or “golden share” arrangement with Full Truck Alliance Co, a Chinese platform arranging trucking services, said one of the people.

*Source

Warning for thousands on US payroll as hackers attack big company with ransomware

  • A ransomware attack on a payroll and HR management software company has left at least one firm struggling to pay its staff.
  • UKG is said to have around 50,000 customers across the globe and was targeted by cyber criminals over the weekend.
  • It’s currently unclear whether user data like payroll information has been stolen or compromised.
  • UKG vice president Bob Hughes said: “We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud—the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed.”

*Source

CISA Issues Emergency Directive on Log4j

  • The Cybersecurity and Infrastructure Security Agency orders federal agencies to take action to mitigate the Apache Log4j vulnerability and attacks exploiting it.
  • “CISA has determined that this vulnerability poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action. This determination is based on the current exploitation of this vulnerability by threat actors in the wild, the likelihood of further exploitation of the vulnerability, the prevalence of the affected software in the federal enterprise, and the high potential for a compromise of agency information systems,” the emergency directive states.
  • Federal agencies — not including the Defense Department or intelligence agencies — have until 5 p.m. on Dec. 23 to identify, patch, or apply mitigation measures on all Internet-facing systems vulnerable to Log4j or, if necessary, remove the affected software altogether.

*Source 

Sites hacked with credit card stealers undetected for months

  • Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers.
  • Magecart skimming is an attack that involves the injection of malicious JavaScript code on a target website, which runs when the visitor is at the checkout page.
  • The code can steal payment details such as credit card number, holder name, addresses, and CVV, and send them to the actor.
  • Threat actors may then use this information to purchase goods online or sell it to other actors on underground forums and dark web marketplaces known as “carding” sites.

*Source 
