Cyber News Weekly 2018
4 – 12 February 2019
FINANCE INDUSTRY
4 – 12 February 2019
IcedID trojan operators have been targeting e-commerce vendors in the US to steal access credentials and payment card data since November 2018.
Read More
GOVERNMENT SECTOR
4 – 12 February 2019
Australia is investigating an intrusion attempt against its Federal Parliament network to determine if any information is stolen during the attack.
Read More
TRANSPORT INDUSTRY
4 – 12 February 2019
Several major airlines are exposing passengers’ personal information by sending check-in links over HTTP instead of HTTPS. These links are typically sent via email or SMS and they are used to initiate the check-in process.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
4 – 12 February 2019
An ongoing phishing campaign is using Google Translate to hide the real phishing domain that is designed for stealing Google and Facebook login credentials.
Read More
EDUCATION INDUSTRY
4 – 12 February 2019
Public schools in the US reported 122 cybersecurity incidents in 2018, of which nearly 60% resulted in students' personal data being compromised.
Read More
HEALTHCARE INDUSTRY
4 – 12 February 2019
CarePartners, a Canadian home care service provider, is still trying to contain the fallout from a data breach that took place in June 2018.
Read More
4 – 12 February 2019
The login credentials from 16 compromised websites are now available for sale in the darknet market for a total estimated price of US$20,000 in Bitcoin.
Read More
Cyber News Weekly 2018
29 January – 4 February 2019
FINANCE INDUSTRY
29 January – 4 February 2019
India's largest bank, State Bank of India (SBI), has leaked the financial records belonging to millions of customers after failing to secure a Mongo database with a password.
Read More
GOVERNMENT SECTOR
29 January – 4 February 2019
OceanLotus (APT 32) has been targeting private sectors across multiple industries and foreign governments to install a custom downloader known as KerrDown.
Read More
TRANSPORT INDUSTRY
29 January – 4 February 2019
Aircraft manufacturer, Airbus, is investigating a cyber incident and data breach at its commercial aircraft business after intruders gained access to employees' personal information.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
29 January – 4 February 2019
Insecure third-party extensions in Magento e-commerce platform have been identified as the main source of Magento hacks for the last three months, affecting several thousand stores.
Read More
EDUCATION INDUSTRY
29 January – 4 February 2019
A trojan known as XinGe (鑫哥) has infected at least 75,000 computers at nine universities and over 60 Internet cafes in China.
Read More
HEALTHCARE INDUSTRY
29 January – 4 February 2019
A healthcare organisation based in California, US, suffered two phishing attacks in November 2018 and January 2019 and exposed an unknown number of medical records and employee data.
Read More
29 January – 4 February 2019
On 1 Feb 2019, major DNS software and service providers have ceased implementing DNS resolver workarounds for systems that are non-compliance with the Extension to DNS (EDNS) protocol.
Read More
Cyber News Weekly 2018
22-29 January 2019
FINANCE INDUSTRY
22-29 January 2019
Threat actors, probably from the financially-motivated Cobalt Group, have been using Google Cloud Platform (GCP) for distributing malware to government and financial institutions worldwide.
Read More
GOVERNMENT SECTOR
22-29 January 2019
Recent research has indicated possible linkages between two prolific advanced persistent threat groups that likely operate out of Russia.
Read More
TRANSPORT INDUSTRY
22-29 January 2019
Hackers from the Syrian Revolutionary Group defaced the Beirut Rafik Hariri International Airport's website to post a political message accusing Lebanon of mistreating Syrian refugees.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
22-29 January 2019
An online casino group has inadvertently leaked information on 108 million bets, which included users’ personally identifiable information, IP addresses, browser and OS details.
Read More
EDUCATION INDUSTRY
22-29 January 2019
US universities are refraining from using telecom equipment made by Huawei Technologies and other Chinese companies to avoid losing research grant and government funding.
Read More
HEALTHCARE INDUSTRY
22-29 January 2019
Singapore's Ministry of Health (MOH) suffered a data breach, which exposed a sensitive database containing information of some 14,200 HIV positive individuals.
Read More
22-29 January 2019
The US Department of Homeland Security has issued an emergency directive to halt a widespread domain name system (DNS) hijack campaign.
Read More
Cyber News Weekly 2018
15–22 January 2019
FINANCE INDUSTRY
15–22 January 2019
West African financial institutions have been targeted in a series of cyber attacks that leverage living off the land tactics and off-the-shelf, commodity malware.
Read More
GOVERNMENT SECTOR
15–22 January 2019
A US government department which deals with securities cases and investigation exposed an estimated 3TB of data that included personally identifiable information, email exchanges and FBI investigation records.
Read More
TRANSPORT INDUSTRY
15–22 January 2019
The Amadeus ticket booking system contains a vulnerability that allows anyone to access and change private information on flight bookings.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
15–22 January 2019
A new Magecart group, labelled as Group 12, has compromised a French advertising network to distribute card skimming scripts.
Read More
EDUCATION INDUSTRY
15–22 January 2019
The Glasgow Caledonian University (GCU) has warned its staff and students that an ongoing phishing campaign is collecting email credentials to take over accounts for malicious purposes.
Read More
HEALTHCARE INDUSTRY
15–22 January 2019
Health Sciences North (HSN), a public hospital and academic health science centre in Ontario, Canada, suffered a malware attack that forced its IT systems to shut down as a precaution to contain the outbreak.
Read More
15–22 January 2019
A huge collection of exposed login credentials totalling 87GB was recently discovered in file hosting service, Mega.nz.
Read More
Cyber News Weekly 2018
08-15 January 2019
FINANCE INDUSTRY
08-15 January 2019
The Hong Kong credit bureau of Chicago-based TransUnion apologised after it discovered that unauthorised individuals could access mortgage information on its website. However, TransUnion refused to admit that any data leak had happened.
Read More
GOVERNMENT SECTOR
08-15 January 2019
Australian government contractors were recently targeted in a new tender-themed phishing scam that sought to lure users into divulging their account credentials by registering for eligibility to bid on commercial projects in 2019.
Read More
TRANSPORT INDUSTRY
08-15 January 2019
The Singapore Airlines (SIA) has warned customers of a phishing scam that offers free air tickets while requesting for personal information.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
08-15 January 2019
Daniel Kaye, the British hacker who knocked the whole of Liberia offline by carrying out a powerful cyberattack on Liberia’s leading internet company Lonestar in 2016, has been jailed. Kaye had been hired by an employee working for Cellcom, a competitor of Lonestar, to attack Lonestar in 2015.
Read More
EDUCATION INDUSTRY
08-15 January 2019
The University of Kentucky in Kentucky, United States, was targeted in a new gift card email scam in which scammers impersonated a university executive and requested for gift cards.
Read More
HEALTHCARE INDUSTRY
08-15 January 2019
Integrated Health Information Systems (IHiS) has fired two employees and imposed a ‘significant’ financial penalty on five members of its senior management over the SingHealth cyberattack, which exposed the personal information of 1.5 million patients.
Read More
08-15 January 2019
This week we received reports on two prominent APT groups – APT 10 and an unnamed group with connections to Iran.
Read More
Cyber News Weekly 2018
31 December-08 January 2019
FINANCE INDUSTRY
31 December-08 January 2019
Hacker group TA554 has been using the sLoad dropper to distribute the Ramnit banking trojan in attacks targeted at financial institutions in the UK and Italy.
Read More
GOVERNMENT SECTOR
31 December-08 January 2019
Unknown attackers had been publishing stolen personal data from approximately 1,000 German politicians, including Chancellor Angela Merkel, on Twitter since December.
Read More
TRANSPORT INDUSTRY
31 December-08 January 2019
The personal details of 285 KrisFlyer members were exposed due to a software glitch affecting Singapore Airlines’ (SIA) website. The breach happened when any two KrisFlyer members accessed transactions displaying their membership information at the same time, while also being assigned the same server by the system.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
31 December-08 January 2019
South Korea’s Ministry of Unification said that 77 reporters of the ministry’s press corps that cover relations with North Korea received an email with a compressed file attachment, which contained two malicious executable files disguised as PDF and HWP files.
Read More
EDUCATION INDUSTRY
31 December-08 January 2019
At least three employees of Wichita State University in Kansas, United States, lost their paychecks after falling prey to a phishing email with a malicious link.
Read More
HEALTHCARE INDUSTRY
31 December-08 January 2019
Chaplaincy Health Care, a hospice in Washington, United States, suffered a breach in late November after an employee fell prey to a phishing attack in which attackers stole his or her email login credentials.
Read More
31 December-08 January 2019
Hackers had a blast in 2018. How about cybersecurity providers and other companies?
Read More
Cyber News Weekly 2018
24-31 December 2018
FINANCE INDUSTRY
24-31 December 2018
The Electrum wallet suffered a phishing attack that led to a loss of 245 bitcoins (S$1,261,664).
Read More
GOVERNMENT SECTOR
24-31 December 2018
A computer at a state-run resettlement centre in North Gyeongsang province, South Korea, was hacked by unknown hackers, exposing the personal data of approximately 1,000 North Korean defectors.
Read More
TRANSPORT INDUSTRY
24-31 December 2018
Researchers found that attackers had been targeting the Italian automotive sector with RevengeRAT malware.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
24-31 December 2018
A cyberattack hit a shared newspaper production platform in Los Angeles, United States, and disrupted distribution for several news outlets, including the Los Angeles Times, Chicago Tribune, and Baltimore Sun.
Read More
EDUCATION INDUSTRY
24-31 December 2018
The Westminster College in Utah, United States, issued a notification saying that the college had been the victim of a phishing attack in which an unauthorised third party gained access to eleven employees’ email accounts.
Read More
HEALTHCARE INDUSTRY
24-31 December 2018
A federal judge has approved a settlement between Alabama-based Flowers Hospital and the 1,200 patients whose data had been stolen from the hospital in 2014.
Read More
24-31 December 2018
Hackers had a blast in 2018. How about cybersecurity providers and other companies?
Read More
Cyber News Weekly 2018
11-18 December 2018
FINANCE INDUSTRY
11-18 December 2018
The Donot APT group, also known as APT-C-35, has been targeting a Pakistani businessman working in China since May.
Read More
GOVERNMENT SECTOR
11-18 December 2018
Researchers discovered a new global campaign dubbed Operation Sharpshooter that targets 87 nuclear, defence, energy, and financial entities across the world.
Read More
TRANSPORT INDUSTRY
11-18 December 2018
The latest edition of a cybersecurity guide published by a conglomerate of 21 international shipping associations and industry groups disclosed several previously unknown cyberattacks that happened on ships and ports.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
11-18 December 2018
Facebook has identified a bug that may have exposed the private photos of up to 6.8 million users.
Read More
EDUCATION INDUSTRY
11-18 December 2018
Analysis published by SecurityScorecard, an information security company based in the United States, shows that the education industry has been ranked the worst in cybersecurity out of 17 major industries in 2018.
Read More
HEALTHCARE INDUSTRY
11-18 December 2018
The Pre-Hospital Emergency Care Council (PHECC), an independent statutory health organisation in Ireland, erroneously exposed the email addresses of 200 job applicants in an email to inform them that their applications had been unsuccessful.
Read More
11-18 December 2018
This week there were multiple reports about cyberattacks on critical information infrastructure sectors around the world, raising concerns about the potential damages on the national security of affected countries.
Read More
Cyber News Weekly 2018
04-11 December 2018
FINANCE INDUSTRY
04-11 December 2018
Researchers found that cybercriminals had raided the ATMs of several East European banks between 2017 and 2018 using a toolkit dubbed KoffeyMaker.
Read More
GOVERNMENT SECTOR
04-11 December 2018
One of the polyclinics of the Presidential Administration of Russia suffered an APT attack at the end of November, after victims received a lure document that exploited an Adobe Flash zero-day (CVE-2018-15982) to download a malware with self-destruction functions.
Read More
TRANSPORT INDUSTRY
04-11 December 2018
TheDarkOverLord hacked Channel Ship Services, a specialist offshore maritime recruitment and placement company operating out of the Channel Islands, and pilfered confidential documents such as seafarer agreements and contracts that specify contractors’ names, passport numbers, wage rates, and other contractual provisions.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
04-11 December 2018
Attackers have been disseminating phishing emails in the name of Netflix to fool unsuspecting recipients.
Read More
EDUCATION INDUSTRY
04-11 December 2018
The Stolen Pencil APT campaign, which has links to North Korea, has been targeting academic institutions since at least May 2018.
Read More
HEALTHCARE INDUSTRY
04-11 December 2018
An error with the keying in of patient information for a patient satisfaction survey at Thielen Student Health Center (TSHC) enabled 600 patients to see the names, appointment dates, and medical providers of other patients.
Read More
04-11 December 2018
While some APT groups have been avoiding the use of custom malware and adopting off-the-shelf tools to minimise suspicion and attribution of attacks, still there are prominent groups that continue to invest heavily in developing and refining custom backdoors, as well as hunting for zero-days.
Read More
Cyber News Weekly 2018
27 November-04 December 2018
FINANCE INDUSTRY
27 November-04 December
Research shows that four North Korean hacker groups – Lazarus, TEMP.Hermit, APT37, and APT38 – continue to attack South Korean companies, financial institutions, and public corporations despite rapprochement between North and South Korea.
Read More
GOVERNMENT SECTOR
27 November-04 December
Russian hacker group Fancy Bear, also known as Sofacy and APT28, has been sending Brexit-themed phishing emails with a macros-laden document that promised information about the recent Brexit negotiations between the UK and the EU.
Read More
TRANSPORT INDUSTRY
27 November-04 December
Customers who used service and emotional support animals claimed that the American budget airline Allegiant Air had violated their privacy by exposing their names and personal email addresses to hundreds of passengers in an email announcing policy changes.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
27 November-04 December
Marriott International, an American multinational hospitality company, said that its Starwood reservation system was hacked, exposing the personal data of up to 500 million customers, including their passport and credit card details.
Read More
EDUCATION INDUSTRY
27 November-04 December
A former PhD student and a university employee have been accused of hacking into the Embry-Riddle Aeronautical University’s system.
Read More
HEALTHCARE INDUSTRY
27 November-04 December
The United States indicted two Iranians for deploying the SamSam ransomware in a major hacking campaign and sanctioned two others for exchanging the ransom payments from Bitcoin into rials.
Read More
27 November-04 December
How did your businesses fare security-wise over Black Friday and Cyber Monday?
Read More
Cyber News Weekly 2018
20-27 November 2018
FINANCE INDUSTRY
20-27 November 2018
The Singapore police and DBS bank cautioned customers of a reappearance of phishing SMSes, after more than 50 DBS customers fell prey to the scam over the past two months.
Read More
GOVERNMENT SECTOR
20-27 November 2018
The Indiana Department of Revenue and the US Internal Revenue Service warned of email scams in which senders posed as the revenue agencies to deceive recipients into downloading the Emotet banking trojan.
Read More
TRANSPORT INDUSTRY
20-27 November 2018
The US Postal Service (USPS) fixed a website flaw that allowed any user who has an account at usps[.]com to view the account details of 60 million users and modify some of them.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
20-27 November 2018
High Tail Hall, an adult furry video game, was hacked in August, exposing the personal data of close to half a million members.
Read More
EDUCATION INDUSTRY
20-27 November 2018
The University of Illinois (UIC) warned of gift cards email scams targeting faculty and employees last week.
Read More
HEALTHCARE INDUSTRY
20-27 November 2018
The Ohio Valley Medical Center and East Ohio Regional Hospital, both owned by parent company Ohio Valley Health Services & Education Corporation, ceased emergency service transports after suffering ransomware attacks last Friday.
Read More
20-27 November 2018
How did your businesses fare security-wise over Black Friday and Cyber Monday?
Read More
Cyber News Weekly 2018
13-20 November 2018
FINANCE INDUSTRY
13-20 November 2018
Two hacker groups – Silence and MoneyTaker – have been targeting Russian financial institutions with phishing emails designed to look like they come from the Central Bank of Russia (CBR) and Financial Sector Computer Emergency Response Team (FinCERT).
Read More
GOVERNMENT SECTOR
13-20 November 2018
Russian hackers have been found impersonating US State Department aides like public affairs specialist Susan Stevenson and government official Heather Nauert in a new phishing operation aimed at infecting computers of US government agencies, think tanks, and businesses.
Read More
TRANSPORT INDUSTRY
13-20 November 2018
Privacy4Cars, the first mobile application designed to eliminate personally identifiable information from modern vehicle infotainment systems, has publicly disclosed a vehicle hack dubbed CarsBlues.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
13-20 November 2018
Malaysia’s leading media group Media Prima, which owns newspapers New Straits Times, Berita Harian and TV3, suffered a ransomware attack in which attackers demanded RM 26 million worth of bitcoins in ransom.
Read More
EDUCATION INDUSTRY
13-20 November 2018
Thousands of students from UK universities have been hit by a significant volume of fake tax refund emails in the past three to four weeks.
Read More
HEALTHCARE INDUSTRY
13-20 November 2018
The Midlands Regional Hospital, a public hospital in Ireland managed by the Irish Government’s Health Service Executive, suffered a ransomware attack that affected its Laboratory Information System and associated IT infrastructure.
Read More
13-20 November 2018
With the festive season approaching, security companies are cautioning consumers and online merchants of the potential surge of cyberattacks over the next two months.
Read More
Cyber News Weekly 2018
05-13 November 2018
FINANCE INDUSTRY
05-13 November 2018
HSBC Bank’s American clients were hit by a data breach after hackers obtained access to customers’ account information, statement and transaction histories, and personal data between 04 and 14 October.
Read More
GOVERNMENT SECTOR
05-13 November 2018
Malaysia’s centre-left multiracial political party Parti Keadilan Rakyat (PKR), led by Anwar Ibrahim, suspended the voting results from Julau division in Sarawak after the tablets used for voting were allegedly compromised with a malicious anti-theft software called Prey Anti Theft.
Read More
TRANSPORT INDUSTRY
05-13 November 2018
The delivery tracking tool of the Canada Post, the primary postal operator in Canada, was hacked by an unidentified individual.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
05-13 November 2018
Reporters Without Borders (RSF), an international non-profit organisation that conducts political advocacy on issues relating to freedom of information and freedom of the press, has called on journalists to stay vigilant after a dissident Saudi reporter repeatedly received phishing emails in which hackers impersonated journalists and attempted to trick him into clicking malicious links.
Read More
EDUCATION INDUSTRY
05-13 November 2018
Scotch College, a private boys’ school in Melbourne, Australia, has cautioned parents of an email scam asking them to send college fees to a different bank account.
Read More
HEALTHCARE INDUSTRY
05-13 November 2018
Huntsville Hospital in Alabama, United States, has disclosed Jobscience’s data breach, which may have involved information of individuals who applied for jobs at the hospital.
Read More
05-13 November 2018
As the festive season approaches, more shoppers are going online to shop for year-end gifts and snap up commodities on festive promotions.
Read More
Cyber News Weekly 2018
30 October - 05 November 2018
FINANCE INDUSTRY
30 October - 05 November 2018
Turkish police arrested 11 suspects in an alleged hack of cryptocurrency accounts that led to a loss of more than US$80,000.
Read More
GOVERNMENT SECTOR
30 October - 05 November 2018
Austral, an Australian shipbuilder and defence contractor, has reported a data breach in which personnel files from its data management system were hacked by an unknown hacker.
Read More
TRANSPORT INDUSTRY
30 October - 05 November 2018
Eurostar, a high-speed railway service that connects London with other European countries, has reset customer passwords after detecting attempts to hack into customer accounts.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
30 October - 05 November 2018
Federal Group, a privately-owned family company that operates casino, tourism, and retail assets in Tasmania, Australia, suffered a data breach after hackers compromised a third-party email distribution service and disseminated spam emails to customers.
Read More
EDUCATION INDUSTRY
30 October - 05 November 2018
Kristi Sims, a former contractor who handled administrative tasks for the Office of Safety and Security at Chicago Public Schools, was arrested last Thursday after stealing information of 80,000 employees, volunteers, and vendors from a database.
Read More
HEALTHCARE INDUSTRY
30 October - 05 November 2018
The attackers behind the SamSam ransomware remain highly active this year, having had targeted 67 different targets, most of which are in the US and belong to the healthcare sector.
Read More
30 October - 05 November 2018
Some observers may argue that ransomware is no longer the most prevalent malware this year after being overtaken by crypto miners, but ransomware is not any less sophisticated and damaging than before.
Read More
Cyber News Weekly 2018
23 – 30 October 2018
FINANCE INDUSTRY
23 – 30 October 2018
A Pakistani bank known as Bank Islami has allegedly lost US$6 million during a cyber heist involving fraudulent debit card transactions originating from the US and Brazil.
Read More
GOVERNMENT SECTOR
23 – 30 October 2018
A Moscow-based laboratory, Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), has been linked to the Triton malware that disrupted production at a Saudi Arabian critical infrastructure facility in December 2017.
Read More
TRANSPORT INDUSTRY
23 – 30 October 2018
Hong Kong's Cathay Pacific Airways has suffered a data breach that may affect as many as 9.4 million customers.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
23 – 30 October 2018
The adaptive Magecart group continues to devise new methods for injecting its skimmer script at online retail stores.
Read More
EDUCATION INDUSTRY
23 – 30 October 2018
Schools in New Zealand have reported a surge in cyber attacks that aim to take down school websites through distributed denial of service (DDoS) attacks.
Read More
HEALTHCARE INDUSTRY
23 – 30 October 2018
Phishing attacks continue to pose significant threats to the healthcare sector as the vector is often associated with compromised credentials that can lead to attacks such as ransomware and business email compromise.
Read More
23 – 30 October 2018
A researcher by the Twitter handle SandboxEscaper has released another zero-day vulnerability on social media without first coordinating disclosure with the vendor.
Read More
Cyber News Weekly 2018
16-23 October 2018
FINANCE INDUSTRY
16-23 October 2018
Hackers defaced the Future Investment Initiative website and left messages that criticised the Saudi regime over the alleged killing of journalist Jamal Khashoggi, the war in Yemen, and financing terrorism.
Read More
GOVERNMENT SECTOR
16-23 October 2018
Researchers discovered an espionage campaign dubbed Operation Oceansalt that targets Koreans using an unknown data reconnaissance implant, which appears to be a reuse of code from the Seasalt implant previously linked to Chinese hacker group Comment Crew.
Read More
TRANSPORT INDUSTRY
16-23 October 2018
Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
16-23 October 2018
A group of hacktivists dubbed the Ghost Squad Hackers has claimed responsibility for a Distributed Denial of Service (DDoS) attack that took YouTube offline last week.
Read More
EDUCATION INDUSTRY
16-23 October 2018
The Durham University’s employee data had been compromised after its benefits portal, which is supplied by food services and facilities management firm Sodexo, was hacked.
Read More
HEALTHCARE INDUSTRY
16-23 October 2018
The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation.
Read More
16-23 October 2018
This week, we received several reports about router vulnerabilities.
Read More
Cyber News Weekly 2018
09-16 October 2018
FINANCE INDUSTRY
09-16 October 2018
The Ministry of Finance issued an advisory on how to spot fake SG Bonus SMSes that have been circulating of late. The fake SMSes state the sender’s name as Gov.sg and include the link ‘sg-gov[.]com’.
Read More
GOVERNMENT SECTOR
09-16 October 2018
Unidentified hackers had breached travel records at the U.S. Department of Defense, giving them access to the personal and credit card information of as many as 30,000 military and civilian personnel.
Read More
TRANSPORT INDUSTRY
09-16 October 2018
Researchers found that more than 30 systems used by airlines to analyse data from airplane sensors were available online and could be used to pivot into datacentre systems and servers vulnerable to legacy security issues.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
09-16 October 2018
Penguin Random House North America and Pan Macmillan have warned of a series of phishing attacks targeted at stealing manuscripts.
Read More
EDUCATION INDUSTRY
09-16 October 2018
A schoolgirl at Manor Lakes P-12 College in Melbourne, Australia, discovered confidential student files on her iPad’s Google Documents folder that contained photos, medical details, and family information of other students at the school.
Read More
HEALTHCARE INDUSTRY
09-16 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the attacker had installed a customised malware that had not been seen elsewhere and used modified open source tools that evaded anti-virus software.
Read More
09-16 October 2018
The recent attacks on financial institutions, healthcare institutions, and government organisations in Singapore and around the world have thrust APT groups into the limelight again.
Read More
Cyber News Weekly 2018
02-09 October 2018
FINANCE INDUSTRY
02-09 October 2018
The Monetary Authority of Singapore (MAS) has warned the public of phishing emails impersonating the authority to deceive recipients into disclosing personal and financial information.
Read More
GOVERNMENT SECTOR
02-09 October 2018
A French police officer who worked for a French intelligence agency had sold sensitive police files in a dark web market known as Black Hand, allowing criminals to create forged documents using the stolen files.
Read More
TRANSPORT INDUSTRY
02-09 October 2018
Hackers have been using fake sites that closely resemble that of the Japanese delivery company Sagawa to spread a new FakeSpy Android malware variant. One of the fake sites has no SSL certificate and its page layout is broken.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
02-09 October 2018
The Islam Channel, a UK-based TV station that streams programmes into Russia and Central Asia, said that Russian intelligence agents had launched a cyberattack on the station in July 2015, giving hackers full control over the broadcaster’s computer networks and infrastructure.
Read More
EDUCATION INDUSTRY
02-09 October 2018
University of Hawaii employees were targeted by a phishing attack that impersonated university officials to deceive victims into disclosing personal information.
Read More
HEALTHCARE INDUSTRY
02-09 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the attacker had installed a customised malware that had not been seen elsewhere and used modified open source tools that evaded anti-virus software.
Read More
02-09 October 2018
The recent attacks on financial institutions, healthcare institutions, and government organisations in Singapore and around the world have thrust APT groups into the limelight again.
Read More
Cyber News Weekly 2018
25 September-02 October 2018
FINANCE INDUSTRY
25 September-02 October 2018
The financially motivated Cobalt Gang has been targeting financial institutions with a new hacking tool dubbed SpicyOmelette, which is typically delivered through a phishing email with a shortened link that downloads the tool.
Read More
GOVERNMENT SECTOR
25 September-02 October 2018
A flawed phone app for the Conservative Party (UK) Conference had allowed members of the public to login as anyone attending the party conference and view and modify their personal information after entering an email address.
Read More
TRANSPORT INDUSTRY
25 September-02 October 2018
The Port of San Diego suffered a ransomware attack that disrupted the port’s information technology systems and public services related to park permits, public records requests, as well as business services.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
25 September-02 October 2018
In the worst breach in Facebook’s history, hackers had stolen access tokens for 50 million accounts by exploiting a previously unknown vulnerability found on Facebook’s ‘View As’ feature.
Read More
EDUCATION INDUSTRY
25 September-02 October 2018
A small number of students from Brighton Secondary School in Adelaide, Australia, hacked the school’s computer systems last Friday using stolen staff login details.
Read More
HEALTHCARE INDUSTRY
25 September-02 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the management of Integrated Health Information Systems (IHiS) had not acted on addressing an alleged security loophole discovered in the electronic medical records (EMR) system, which could have contributed to the recent cyberattack.
Read More
25 September-02 October 2018
Popular messaging applications like Telegram and WhatsApp are not void of security risks.
Read More
Cyber News Weekly 2018
18-25 September 2018
FINANCE INDUSTRY
18-25 September
The Monetary Authority of Singapore (MAS) found three fake bitcoin sites that were using the names of Singapore leaders–Prime Minister Lee Hsien Loong and Deputy Prime Minister Tharman Shanmugaratnam–to solicit investments.
Read More
GOVERNMENT SECTOR
18-25 September
Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore.
Read More
TRANSPORT INDUSTRY
18-25 September
Comparitech, a UK tech research company, found several dark web marketplaces peddling frequent flyer miles from airline reward programmes, including Kris Flyer, Delta SkyMiles, and British Airways.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
18-25 September
ABS-CBN, one of the largest media and entertainment groups in the Philippines, took down two of its online shopping sites last week after they were found infected by the MageCart skimmer.
Read More
EDUCATION INDUSTRY
18-25 September
The U.S. Department of Education’s financial aid office was hit by a phishing campaign that attempted to obtain access to student accounts at several colleges.
Read More
HEALTHCARE INDUSTRY
18-25 September
Further investigation into the cyberattack on SingHealth, which compromised the personal and health data of 1.5 million patients, showed that the attacker had entered the healthcare group’s network as early as August last year by infecting workstations with malware.
Read More
18-25 September
MageCart skimmer attacks continue to be in the limelight this week. Online tech retailer Newegg and ABS-CBN, one of the largest media and entertainment groups in the Philippines, are the latest MageCart victims after attackers injected the skimmer on their websites to pilfer credit card details.
Read More
Cyber News Weekly 2018
11-18 September 2018
FINANCE INDUSTRY
11-18 September
Amazon is investigating allegations that some of its employees have been leaking internal data to third party merchants in China to help them increase their sales on the e-commerce website.
Read More
GOVERNMENT SECTOR
11-18 September
Government Payment Service Inc., a US credit card payment processing company that serves the government sector, leaked more than 14 million customer records due to a technical issue on its website.
Read More
TRANSPORT INDUSTRY
11-18 September
Bristol Airport in Bristol, UK, suffered a ransomware attack last Friday morning.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
11-18 September
Chinese cyber espionage group APT10 has been targeting the Japanese media sector by sending spear phishing emails with macros-laden Microsoft Word documents that download a newer version of the UPPERCUT backdoor.
Read More
EDUCATION INDUSTRY
11-18 September
Iranian hackers had hacked into top universities in the United Kingdom and stolen millions of essays, which were subsequently sold to customers in Iran for cash over Telegram and WhatsApp, as well as in the dark web.
Read More
HEALTHCARE INDUSTRY
11-18 September
The Gisborne branch of the Veterinary Enterprises Group, New Zealand’s largest vet company, suffered a ransomware attack last Saturday night that affected all affiliated clinics across the country.
Read More
11-18 September
Microsoft’s Patch Tuesday for September issued security updates to address 61 vulnerabilities, of which 17 have been rated critical.
Read More
Ensign InfoSecurity Singapore
6 Commonwealth Lane
Singapore 149547
Tel: +65 6788 2882
Fax: +65 6788 3883