August 14, 2023
CyberSec Roundup
A Synopsis of the Latest Cybersecurity News
40 Million Britons Exposed
The U.K. Electoral Commission has revealed a year-long undetected cyber-attack that exposed the voter data of 40 million individuals. Threat actors accessed systems in August 2021, and the breach was detected in October 2022. The attack exposed personal information like names, emails, addresses, and contact numbers of anyone in Great Britain who was registered to vote between 2014 and 2022. A risk assessment by the Information Commissioner’s Office determined that the information that was exposed does not in itself present a high risk to individuals, but could be combined with other public details (such as those on social media) for profiling purposes. It is baffling why the breach wasn’t disclosed in a timelier fashion.
Breach Affects 4 Million
The Colorado Department of Health Care Policy & Financing is warning over 4 million individuals about a data breach affecting their personal and health details. The attack by Clop ransomware exploited the MOVEit Transfer zero-day vulnerability that impacted numerous organizations worldwide. HCPF’s systems were unaffected, but the breach occurred through their contractor, IBM, which used the MOVEit software. The breach compromised files containing sensitive information like names, Social Security Numbers, and medical details. HCPF is offering two years of credit monitoring through Experian for those affected.
TripAdvisor-Themed Knight Ransomware Spreads
Knight ransomware, a rebrand of Cyclop Ransomware, is being distributed using fake TripAdvisor complaint emails. The email opens a browser displaying a fake TripAdvisor site that, if interacted with, downloads an infected Excel attachment. Users tricked into opening the Excel file initiate the ransomware, which encrypts files on the device. The ransom note demands $5,000 in Bitcoin, but it isn’t likely the victims will receive the decryptor if they pay.
Rhysida Ransomware on the Rise
The Rhysida ransomware group launched only earlier this year but has claimed many victims, including the Chilean army, though primarily in the healthcare sector. These attacks have caused the US Department of Health and Human Services to flag the group as a major threat to the healthcare sector.
By: David Pinder
IT & Cybersecurity Consultant
Certified Ethical Hacker (Master) | CCSK | AZ-500