Cyber News Weekly 2018
27 November-04 December 2018
FINANCE INDUSTRY
27 November-04 December
Research shows that four North Korean hacker groups – Lazarus, TEMP.Hermit, APT37, and APT38 – continue to attack South Korean companies, financial institutions, and public corporations despite rapprochement between North and South Korea.
Read More
GOVERNMENT SECTOR
27 November-04 December
Russian hacker group Fancy Bear, also known as Sofacy and APT28, has been sending Brexit-themed phishing emails with a macros-laden document that promised information about the recent Brexit negotiations between the UK and the EU.
Read More
TRANSPORT INDUSTRY
27 November-04 December
Customers who used service and emotional support animals claimed that the American budget airline Allegiant Air had violated their privacy by exposing their names and personal email addresses to hundreds of passengers in an email announcing policy changes.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
27 November-04 December
Marriott International, an American multinational hospitality company, said that its Starwood reservation system was hacked, exposing the personal data of up to 500 million customers, including their passport and credit card details.
Read More
EDUCATION INDUSTRY
27 November-04 December
A former PhD student and a university employee have been accused of hacking into the Embry-Riddle Aeronautical University’s system.
Read More
HEALTHCARE INDUSTRY
27 November-04 December
The United States indicted two Iranians for deploying the SamSam ransomware in a major hacking campaign and sanctioned two others for exchanging the ransom payments from Bitcoin into rials.
Read More
27 November-04 December
How did your businesses fare security-wise over Black Friday and Cyber Monday?
Read More
Cyber News Weekly 2018
20-27 November 2018
FINANCE INDUSTRY
20-27 November 2018
The Singapore police and DBS bank cautioned customers of a reappearance of phishing SMSes, after more than 50 DBS customers fell prey to the scam over the past two months.
Read More
GOVERNMENT SECTOR
20-27 November 2018
The Indiana Department of Revenue and the US Internal Revenue Service warned of email scams in which senders posed as the revenue agencies to deceive recipients into downloading the Emotet banking trojan.
Read More
TRANSPORT INDUSTRY
20-27 November 2018
The US Postal Service (USPS) fixed a website flaw that allowed any user who has an account at usps[.]com to view the account details of 60 million users and modify some of them.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
20-27 November 2018
High Tail Hall, an adult furry video game, was hacked in August, exposing the personal data of close to half a million members.
Read More
EDUCATION INDUSTRY
20-27 November 2018
The University of Illinois (UIC) warned of gift cards email scams targeting faculty and employees last week.
Read More
HEALTHCARE INDUSTRY
20-27 November 2018
The Ohio Valley Medical Center and East Ohio Regional Hospital, both owned by parent company Ohio Valley Health Services & Education Corporation, ceased emergency service transports after suffering ransomware attacks last Friday.
Read More
20-27 November 2018
How did your businesses fare security-wise over Black Friday and Cyber Monday?
Read More
Cyber News Weekly 2018
13-20 November 2018
FINANCE INDUSTRY
13-20 November 2018
Two hacker groups – Silence and MoneyTaker – have been targeting Russian financial institutions with phishing emails designed to look like they come from the Central Bank of Russia (CBR) and Financial Sector Computer Emergency Response Team (FinCERT).
Read More
GOVERNMENT SECTOR
13-20 November 2018
Russian hackers have been found impersonating US State Department aides like public affairs specialist Susan Stevenson and government official Heather Nauert in a new phishing operation aimed at infecting computers of US government agencies, think tanks, and businesses.
Read More
TRANSPORT INDUSTRY
13-20 November 2018
Privacy4Cars, the first mobile application designed to eliminate personally identifiable information from modern vehicle infotainment systems, has publicly disclosed a vehicle hack dubbed CarsBlues.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
13-20 November 2018
Malaysia’s leading media group Media Prima, which owns newspapers New Straits Times, Berita Harian and TV3, suffered a ransomware attack in which attackers demanded RM 26 million worth of bitcoins in ransom.
Read More
EDUCATION INDUSTRY
13-20 November 2018
Thousands of students from UK universities have been hit by a significant volume of fake tax refund emails in the past three to four weeks.
Read More
HEALTHCARE INDUSTRY
13-20 November 2018
The Midlands Regional Hospital, a public hospital in Ireland managed by the Irish Government’s Health Service Executive, suffered a ransomware attack that affected its Laboratory Information System and associated IT infrastructure.
Read More
13-20 November 2018
With the festive season approaching, security companies are cautioning consumers and online merchants of the potential surge of cyberattacks over the next two months.
Read More
Cyber News Weekly 2018
05-13 November 2018
FINANCE INDUSTRY
05-13 November 2018
HSBC Bank’s American clients were hit by a data breach after hackers obtained access to customers’ account information, statement and transaction histories, and personal data between 04 and 14 October.
Read More
GOVERNMENT SECTOR
05-13 November 2018
Malaysia’s centre-left multiracial political party Parti Keadilan Rakyat (PKR), led by Anwar Ibrahim, suspended the voting results from Julau division in Sarawak after the tablets used for voting were allegedly compromised with a malicious anti-theft software called Prey Anti Theft.
Read More
TRANSPORT INDUSTRY
05-13 November 2018
The delivery tracking tool of the Canada Post, the primary postal operator in Canada, was hacked by an unidentified individual.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
05-13 November 2018
Reporters Without Borders (RSF), an international non-profit organisation that conducts political advocacy on issues relating to freedom of information and freedom of the press, has called on journalists to stay vigilant after a dissident Saudi reporter repeatedly received phishing emails in which hackers impersonated journalists and attempted to trick him into clicking malicious links.
Read More
EDUCATION INDUSTRY
05-13 November 2018
Scotch College, a private boys’ school in Melbourne, Australia, has cautioned parents of an email scam asking them to send college fees to a different bank account.
Read More
HEALTHCARE INDUSTRY
05-13 November 2018
Huntsville Hospital in Alabama, United States, has disclosed Jobscience’s data breach, which may have involved information of individuals who applied for jobs at the hospital.
Read More
05-13 November 2018
As the festive season approaches, more shoppers are going online to shop for year-end gifts and snap up commodities on festive promotions.
Read More
Cyber News Weekly 2018
30 October - 05 November 2018
FINANCE INDUSTRY
30 October - 05 November 2018
Turkish police arrested 11 suspects in an alleged hack of cryptocurrency accounts that led to a loss of more than US$80,000.
Read More
GOVERNMENT SECTOR
30 October - 05 November 2018
Austral, an Australian shipbuilder and defence contractor, has reported a data breach in which personnel files from its data management system were hacked by an unknown hacker.
Read More
TRANSPORT INDUSTRY
30 October - 05 November 2018
Eurostar, a high-speed railway service that connects London with other European countries, has reset customer passwords after detecting attempts to hack into customer accounts.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
30 October - 05 November 2018
Federal Group, a privately-owned family company that operates casino, tourism, and retail assets in Tasmania, Australia, suffered a data breach after hackers compromised a third-party email distribution service and disseminated spam emails to customers.
Read More
EDUCATION INDUSTRY
30 October - 05 November 2018
Kristi Sims, a former contractor who handled administrative tasks for the Office of Safety and Security at Chicago Public Schools, was arrested last Thursday after stealing information of 80,000 employees, volunteers, and vendors from a database.
Read More
HEALTHCARE INDUSTRY
30 October - 05 November 2018
The attackers behind the SamSam ransomware remain highly active this year, having had targeted 67 different targets, most of which are in the US and belong to the healthcare sector.
Read More
30 October - 05 November 2018
Some observers may argue that ransomware is no longer the most prevalent malware this year after being overtaken by crypto miners, but ransomware is not any less sophisticated and damaging than before.
Read More
Cyber News Weekly 2018
23 – 30 October 2018
FINANCE INDUSTRY
23 – 30 October 2018
A Pakistani bank known as Bank Islami has allegedly lost US$6 million during a cyber heist involving fraudulent debit card transactions originating from the US and Brazil.
Read More
GOVERNMENT SECTOR
23 – 30 October 2018
A Moscow-based laboratory, Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), has been linked to the Triton malware that disrupted production at a Saudi Arabian critical infrastructure facility in December 2017.
Read More
TRANSPORT INDUSTRY
23 – 30 October 2018
Hong Kong's Cathay Pacific Airways has suffered a data breach that may affect as many as 9.4 million customers.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
23 – 30 October 2018
The adaptive Magecart group continues to devise new methods for injecting its skimmer script at online retail stores.
Read More
EDUCATION INDUSTRY
23 – 30 October 2018
Schools in New Zealand have reported a surge in cyber attacks that aim to take down school websites through distributed denial of service (DDoS) attacks.
Read More
HEALTHCARE INDUSTRY
23 – 30 October 2018
Phishing attacks continue to pose significant threats to the healthcare sector as the vector is often associated with compromised credentials that can lead to attacks such as ransomware and business email compromise.
Read More
23 – 30 October 2018
A researcher by the Twitter handle SandboxEscaper has released another zero-day vulnerability on social media without first coordinating disclosure with the vendor.
Read More
Cyber News Weekly 2018
16-23 October 2018
FINANCE INDUSTRY
16-23 October 2018
Hackers defaced the Future Investment Initiative website and left messages that criticised the Saudi regime over the alleged killing of journalist Jamal Khashoggi, the war in Yemen, and financing terrorism.
Read More
GOVERNMENT SECTOR
16-23 October 2018
Researchers discovered an espionage campaign dubbed Operation Oceansalt that targets Koreans using an unknown data reconnaissance implant, which appears to be a reuse of code from the Seasalt implant previously linked to Chinese hacker group Comment Crew.
Read More
TRANSPORT INDUSTRY
16-23 October 2018
Researchers found four several authentication and encryption firmware vulnerabilities in marine diesel engine controllers and their Android applications by Norwegian marine supplier Auto-Maskin.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
16-23 October 2018
A group of hacktivists dubbed the Ghost Squad Hackers has claimed responsibility for a Distributed Denial of Service (DDoS) attack that took YouTube offline last week.
Read More
EDUCATION INDUSTRY
16-23 October 2018
The Durham University’s employee data had been compromised after its benefits portal, which is supplied by food services and facilities management firm Sodexo, was hacked.
Read More
HEALTHCARE INDUSTRY
16-23 October 2018
The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation.
Read More
16-23 October 2018
This week, we received several reports about router vulnerabilities.
Read More
Cyber News Weekly 2018
09-16 October 2018
FINANCE INDUSTRY
09-16 October 2018
The Ministry of Finance issued an advisory on how to spot fake SG Bonus SMSes that have been circulating of late. The fake SMSes state the sender’s name as Gov.sg and include the link ‘sg-gov[.]com’.
Read More
GOVERNMENT SECTOR
09-16 October 2018
Unidentified hackers had breached travel records at the U.S. Department of Defense, giving them access to the personal and credit card information of as many as 30,000 military and civilian personnel.
Read More
TRANSPORT INDUSTRY
09-16 October 2018
Researchers found that more than 30 systems used by airlines to analyse data from airplane sensors were available online and could be used to pivot into datacentre systems and servers vulnerable to legacy security issues.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
09-16 October 2018
Penguin Random House North America and Pan Macmillan have warned of a series of phishing attacks targeted at stealing manuscripts.
Read More
EDUCATION INDUSTRY
09-16 October 2018
A schoolgirl at Manor Lakes P-12 College in Melbourne, Australia, discovered confidential student files on her iPad’s Google Documents folder that contained photos, medical details, and family information of other students at the school.
Read More
HEALTHCARE INDUSTRY
09-16 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the attacker had installed a customised malware that had not been seen elsewhere and used modified open source tools that evaded anti-virus software.
Read More
09-16 October 2018
The recent attacks on financial institutions, healthcare institutions, and government organisations in Singapore and around the world have thrust APT groups into the limelight again.
Read More
Cyber News Weekly 2018
02-09 October 2018
FINANCE INDUSTRY
02-09 October 2018
The Monetary Authority of Singapore (MAS) has warned the public of phishing emails impersonating the authority to deceive recipients into disclosing personal and financial information.
Read More
GOVERNMENT SECTOR
02-09 October 2018
A French police officer who worked for a French intelligence agency had sold sensitive police files in a dark web market known as Black Hand, allowing criminals to create forged documents using the stolen files.
Read More
TRANSPORT INDUSTRY
02-09 October 2018
Hackers have been using fake sites that closely resemble that of the Japanese delivery company Sagawa to spread a new FakeSpy Android malware variant. One of the fake sites has no SSL certificate and its page layout is broken.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
02-09 October 2018
The Islam Channel, a UK-based TV station that streams programmes into Russia and Central Asia, said that Russian intelligence agents had launched a cyberattack on the station in July 2015, giving hackers full control over the broadcaster’s computer networks and infrastructure.
Read More
EDUCATION INDUSTRY
02-09 October 2018
University of Hawaii employees were targeted by a phishing attack that impersonated university officials to deceive victims into disclosing personal information.
Read More
HEALTHCARE INDUSTRY
02-09 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the attacker had installed a customised malware that had not been seen elsewhere and used modified open source tools that evaded anti-virus software.
Read More
02-09 October 2018
The recent attacks on financial institutions, healthcare institutions, and government organisations in Singapore and around the world have thrust APT groups into the limelight again.
Read More
Cyber News Weekly 2018
25 September-02 October 2018
FINANCE INDUSTRY
25 September-02 October 2018
The financially motivated Cobalt Gang has been targeting financial institutions with a new hacking tool dubbed SpicyOmelette, which is typically delivered through a phishing email with a shortened link that downloads the tool.
Read More
GOVERNMENT SECTOR
25 September-02 October 2018
A flawed phone app for the Conservative Party (UK) Conference had allowed members of the public to login as anyone attending the party conference and view and modify their personal information after entering an email address.
Read More
TRANSPORT INDUSTRY
25 September-02 October 2018
The Port of San Diego suffered a ransomware attack that disrupted the port’s information technology systems and public services related to park permits, public records requests, as well as business services.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
25 September-02 October 2018
In the worst breach in Facebook’s history, hackers had stolen access tokens for 50 million accounts by exploiting a previously unknown vulnerability found on Facebook’s ‘View As’ feature.
Read More
EDUCATION INDUSTRY
25 September-02 October 2018
A small number of students from Brighton Secondary School in Adelaide, Australia, hacked the school’s computer systems last Friday using stolen staff login details.
Read More
HEALTHCARE INDUSTRY
25 September-02 October 2018
The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the management of Integrated Health Information Systems (IHiS) had not acted on addressing an alleged security loophole discovered in the electronic medical records (EMR) system, which could have contributed to the recent cyberattack.
Read More
25 September-02 October 2018
Popular messaging applications like Telegram and WhatsApp are not void of security risks.
Read More
Cyber News Weekly 2018
18-25 September 2018
FINANCE INDUSTRY
18-25 September
The Monetary Authority of Singapore (MAS) found three fake bitcoin sites that were using the names of Singapore leaders–Prime Minister Lee Hsien Loong and Deputy Prime Minister Tharman Shanmugaratnam–to solicit investments.
Read More
GOVERNMENT SECTOR
18-25 September
Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore.
Read More
TRANSPORT INDUSTRY
18-25 September
Comparitech, a UK tech research company, found several dark web marketplaces peddling frequent flyer miles from airline reward programmes, including Kris Flyer, Delta SkyMiles, and British Airways.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
18-25 September
ABS-CBN, one of the largest media and entertainment groups in the Philippines, took down two of its online shopping sites last week after they were found infected by the MageCart skimmer.
Read More
EDUCATION INDUSTRY
18-25 September
The U.S. Department of Education’s financial aid office was hit by a phishing campaign that attempted to obtain access to student accounts at several colleges.
Read More
HEALTHCARE INDUSTRY
18-25 September
Further investigation into the cyberattack on SingHealth, which compromised the personal and health data of 1.5 million patients, showed that the attacker had entered the healthcare group’s network as early as August last year by infecting workstations with malware.
Read More
18-25 September
MageCart skimmer attacks continue to be in the limelight this week. Online tech retailer Newegg and ABS-CBN, one of the largest media and entertainment groups in the Philippines, are the latest MageCart victims after attackers injected the skimmer on their websites to pilfer credit card details.
Read More
Cyber News Weekly 2018
11-18 September 2018
FINANCE INDUSTRY
11-18 September
Amazon is investigating allegations that some of its employees have been leaking internal data to third party merchants in China to help them increase their sales on the e-commerce website.
Read More
GOVERNMENT SECTOR
11-18 September
Government Payment Service Inc., a US credit card payment processing company that serves the government sector, leaked more than 14 million customer records due to a technical issue on its website.
Read More
TRANSPORT INDUSTRY
11-18 September
Bristol Airport in Bristol, UK, suffered a ransomware attack last Friday morning.
Read More
MEDIA AND ENTERTAINMENT INDUSTRY
11-18 September
Chinese cyber espionage group APT10 has been targeting the Japanese media sector by sending spear phishing emails with macros-laden Microsoft Word documents that download a newer version of the UPPERCUT backdoor.
Read More
EDUCATION INDUSTRY
11-18 September
Iranian hackers had hacked into top universities in the United Kingdom and stolen millions of essays, which were subsequently sold to customers in Iran for cash over Telegram and WhatsApp, as well as in the dark web.
Read More
HEALTHCARE INDUSTRY
11-18 September
The Gisborne branch of the Veterinary Enterprises Group, New Zealand’s largest vet company, suffered a ransomware attack last Saturday night that affected all affiliated clinics across the country.
Read More
11-18 September
Microsoft’s Patch Tuesday for September issued security updates to address 61 vulnerabilities, of which 17 have been rated critical.
Read More
Ensign InfoSecurity Singapore
6 Commonwealth Lane
Singapore 149547
Tel: +65 6788 2882
Fax: +65 6788 3883