Cyber Threat Report: Cyber Security News for 04/19/24

Russian Sandworm Hackers Pose As Hacktivists In Water Utility Breaches
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. Read More

Cisco Duo Customer MFA Message Logs Stolen in Supply Chain Hack
Phone numbers and other data belonging to users of Cisco Duo’s identity authentication service have been stolen following the breach of a third-party telephony supplier. Read More

D-Link Tells Customers to Sunset Actively Exploited Storage Devices
The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability. Read More

Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide
Described as one of the largest Phishing-as-a-Service (PhaaS) providers, LabHost offered phishing pages targeting banks, high-profile organizations, and other service providers located primarily in Canada, the U.S., and the U.K. Read More

Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites
A plurality (38%) of employees who engaged in dishonest conduct had been in their position for less than a year, up from 21% in 2022. However, 17% had been in employment for over a decade, and 80% of those recorded for bribery had also been working for more than 10 years. Read More

UnitedHealth Expects Up to $1.6B Hit from Change Cyber Attack This Year
Along with the damage to providers — many of whom weren’t paid for their services for weeks, UnitedHealth set up a loan program amid intense public, legal, and governmental pressure. Read More

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
Successful attacks could pave the way for unauthorized network access, account lockouts, or denial-of-service conditions. Read More

Law Firm to Pay $8M to Settle Health Data Hack Lawsuit
Orrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000. Read More

MGM Resorts Sues FTC, Agency Chair Over Cyberattack Investigation
MGM also alleges the FTC failed to follow its conflict-of-interest guidelines. Read More

Cloned Voice Tech Is Coming for Bank Accounts
Experts Warn AI Tools Can Now Compromise Voice Password Systems Used by Many Banks. Read More

Sensitive US Government Data Exposed After Space-Eyes Data Breach
The breach compromises sensitive data from critical US government agencies including the Department of Justice, Department of Homeland Security, and the US armed forces. Read More

Palo Alto Firewalls: Public Exploits, Rising Attacks, Ineffective Mitigation
Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

The Sandworm hacking group, linked to Russian military intelligence, operates covertly through multiple online personas, aiming to amplify pro-Russia narratives and disrupt critical infrastructure. Despite their primary focus on Ukraine, they've expanded operations to influence global events and elections, utilizing phishing campaigns, malware deployment, and information manipulation, posing significant cybersecurity risks worldwide.

Following a breach of a third-party telephony supplier, phone numbers and user data from Cisco Duo's authentication service were compromised, impacting over 100,000 customers. The breach, initiated by a successful phishing attack on an employee of the telephony company, enabled hackers to download SMS message logs containing metadata such as phone numbers and carrier details, prompting concerns about potential spear phishing and SIM swapping attacks. Despite the breach, Cisco reassured customers that the hackers didn't send messages to any of the compromised phone numbers and that measures were being implemented to prevent similar incidents in the future, highlighting the pervasive threat of social engineering and phishing in cybersecurity.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.