Federal Bureau of Investigation (FBI)

https://www.washingtonpost.com/nation/2021/11/14/fbi-hack-email-cyberattack/

Exploit: Account Takeover

Federal Bureau of Investigation (FBI): Federal Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.417= Severe

A shocking email security breach at the US Federal Bureau of Investigation (FBI) led to the takeover of a user account. The cybercriminals that accomplished the feat were able to use that compromised email account to send tens of thousands of fraudulent emails warning recipients of impending cyberattacks. Messages reached celebrities like Jay Z and journalists including investigative reporter Brian Krebs. The Bureau later confirmed that its Law Enforcement Enterprise Portal (LEEP) was compromised in a cyberattack Friday. FBI officials were quick to stress the fact that the malicious emails originated from an FBI-operated server that was solely dedicated to pushing notifications for LEEP and not part of the FBI’s corporate email service.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: This incident shows that no organization is immune to a cyberattack, and even the best defenses can fail.

 

 

West Virginia Parkways Authority

https://wvmetronews.com/2021/11/12/parkways-authority-reports-cyber-attack-turnpike-traffic-not-impacted/

Exploit: Ransomware

West Virginia Parkways Authority: State Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.822=Severe

A suspected ransomware attack snarled operations at the West Virginia Parkways Authority last Friday. Officials announced that a cyberattack had hit the agency’s internal computer systems, knocking out email, telephones, and various non-critical applications for several hours. According to the statement, no data was extracted or exposed in the incident which only impacted operational technology. Systems have since been restored and the incident is under investigation.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Using ransomware against infrastructure targets to shut down their operations has become much more common.

 

 

Robinhood

https://solutionsreview.com/security-information-event-management/robinhood-discloses-data-breach-seven-million-customers-affected/

Exploit: Phishing (Vishing)

Robinhood: Financial Services Platform

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.542=Extreme

Financial services platform Robinhood is in the news again after disclosing a data breach on 11/03. The company blamed the security incident on vishing. Threat actors obtained access to the organization’s customer support systems by obtaining systems access over the phone. This is the same technique that proved successful in the 2020 Twitter hack. According to reports, after accessing the data, the cybercriminals then demanded an extortion payment to keep the data safe. No word on the amount of this demand. The incident is under investigation.

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.312=Extreme

The company disclosed that it estimates a total of seven million users are apparently affected by this breach. Threat actors accessed email addresses for five million customers and a separate list of full names for two million customers. Robinhood says that the bad guys gained access to varying levels of user information including in-depth PII including full names, date of birth and zip code for around 310 users, and extensive records for a subset of 10 users.

Customers Impacted: Unknown

How It Could Affect Your Business: Vishing threats are popping up more frequently as cybercriminals look to vary their approach to obtaining credentials in unexpected ways.

 

 

Hewlett Packer Enterprise (HPE)

https://splash247.com/greek-shipowners-cyber-tricked-over-halloween-weekend/

Exploit: Credential Compromise

Hewlett Packer Enterprise: Business Technology Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.615= Severe

Hewlett Packer Enterprise (HPE) just informed customers that use its Aruba networking unit that their information may have been exposed in a cyberattack on its Aruba Central cloud environment in late October. The company outlined the incident in a statement to the press “On 2 November, HPE discovered that an access key to data related to the network analytics and contact-tracing features of Aruba Central, our cloud-based network management and monitoring solution, was compromised and used by an external actor to access the environment over a period of 18 days between 9 and 27 October 2021.” HPE went on to specify that the data in question included “identifying device media access control (MAC) addresses, IP addresses, device operating systems type and hostnames, and user names for Wi-FI networks where authentication is used, as well as dates, times, and physical Wi-Fi access points (APs) to which devices connected.” The incident is under investigation

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Cybercriminals will do anything to obtain a legitimate user credential because it gives them the keys to the kingdom, enabling them to do massive damage quickly.

 

 

United Kingdom – Simplify Group

https://www.itpro.co.uk/security/cyber-attacks/361510/property-firm-cyber-attack-leaves-customers-in-the-lurch

Exploit: Hacking

Simplify Group: Conveyancing & Property Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.512= Severe

UK property services giant Simplify Group has been experiencing a cyberattack that impacted operations at many of its divisions. The company operates brands like Premier Property Lawyers, My Home Move and DC Law. The outage was a spanner in the works for new and prospective homebuyers, including some that were mid-move, and they were quick to take to social media. Some systems have been restored and the incident is under investigation.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Operational disruption from a ransomware attack is just as likely as data theft and sometimes even more damaging.

 

 

Spain – S.A. Damm

https://gadgets.ndtv.com/internet/news/cyberattack-damm-beer-barcelona-estrella-brewery-shut-down-llobregat-2609233

Exploit: Ransomware

S.A. Damm: Brewing

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.595 = Extreme

Operations went flat at Spanish brewer S.A. Damm after a ransomware attack crippled production. The company disclosed that the cyberattack hit the brewery on Tuesday night and for a few hours the plant in El Prat de Llobregat, which produces 7 million hectolitres of beer a year, was “entirely paralyzed”. Operations were partially restored quickly and the rest of the recovery is expected to be completed soon.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware gangs have been stopping production in factories rather than stealing data in the hopes of scoring a quick ransom from desperate businesses.