WEEK OF JUNE 13, 2022
2 million impacted by data breach at Massachusetts Health Care Organization
- The incident may have impacted 56 health care facilities and their patients.
- Shields, which provides management and imaging services for health care facilities, said in a statement posted on its website that it “became aware of suspicious activity” on its network on March 28 and launched an investigation to determine the full scope of the incident.
- With help from third-party forensic specialists, the company said it took “immediate steps” to contain the incident and find out how it happened. An investigation determined that someone gained access to some Shields systems and acquired data from March 7 to March 21.
FBI warns 24 million SSNs sold online for $19million as online ‘black market’ raided
- The operation was carried out alongside the Department of Justice (DoJ) and the IRS, which all worked with local police in Cyprus and Latvia.
- Dubbed SSNDOB, the black market organization comprised numerous websites that have for years operated to sell the personal information of individuals living in the United States.
- Such sensitive information includes names, dates of birth, and Social Security numbers.
- The FBI said that the SSNDOB Marketplace had currently listed the personal details of approximately 24 million individuals at the time they seized it.
State-Backed Hackers Exploit Microsoft ‘Follina’ Bug to Target Entities in Europe and U.S
- A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office “Follina” vulnerability to target government entities in Europe and the U.S.
- Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked as CVE-2022-30190 (CVSS score: 7.8). No less than 1,000 phishing messages containing a lure document were sent to the targets.
- “This campaign masqueraded as a salary increase and utilized an RTF with the exploit payload downloaded from 45.76.53[.]253,” the company said in a series of tweets.
BAYC NFT project suffers second hack of the year, this time worth $270,000
- The hackers used a phishing attack through BAYC’s Discord servers.
- The exact amount stolen in the current hack could range between $250,000 to over $370,000.
- BAYC’s Instagram channels had been breached in April this year, with hackers posting fake airdrops.
New Jersey district cancels finals after ransomware attack
- Tenafly Public Schools last week found ransomware had encrypted data on some computers in the district’s network, leading to the cancellation of exams and classes going back to paper, pencils and overhead projectors.
- Final exams were also canceled for all of the district’s high school students as the Bergen County school district tries to get its system back online with the help of cybersecurity consultants, officials said.
- Tenafly Public School District administrators first identified the security incident Thursday, said district communications manager Christine Corliss. It involved the encryption of data by ransomware on some computers in the district’s network.
Large-scale Facebook phishing operation discovered
- The users are drawn to phishing pages, from where their credentials are stolen and ads are displayed for revenue generation.
- The campaign has been active since September 2021 and peaked in April–May 2022. The stolen accounts were used to send further phishing messages to their friends, promoting the campaign exponentially and generating more revenue by showing ads.
- To stay safe, users are suggested to stay vigilant and enable two-factor authentication.