Now that we are six months into 2019, we're stopping to round up what has happened so far. From the Arlington County payroll system attack to ransomware to data leaks, we investigated the numbers to see what is at the top by hacker interview. The main security breaches are covered here:
Cyber Attack on Arlington County Payroll System
Arlington County Government recently found an intrusion into the Arlington County payroll system. The intrusion appears to be the result of a "phishing" email targeting county staff and was not a hack. The intrusion was limited in both the duration of the compromise and the number of employees affected. No resident information was compromised during the intrusion.
After discovering this intrusion, Arlington County implemented enhanced cyber security measures to secure email and critical systems. The intrusion is currently being investigated by the Arlington County Police Department.
The Citrix Breach
The Iranian-backed Iridium hacker group hacked Citrix and took 6 terabytes of sensitive internal data, including emails, blueprints and so on. The Iranian-backed hacking group was also behind the cyber attack that affected 200 government organizations around the world, oil and gas organizations, technology organizations and other organizations. The group bypassed multi-factor authentication for critical applications and services to gain unauthorized access to VPN channels and Single Sign-On (SSO). The NCSC encourages these organizations to put protective monitoring on remotely reachable authentication endpoints to detect password attacks, and to enforce multi-factor authentication on those endpoints.
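As an added illustration of the two NCSC recommendations above (this is not code from the article or from the NCSC), the following sketch monitors authentication events for VPN and SSO endpoints. The log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real data). Assumed fields:
# timestamp, source IP, endpoint, account, result, MFA completed (yes/no/-)
SAMPLE_LOG = """\
2019-03-08T09:00:01 203.0.113.7 vpn alice FAIL -
2019-03-08T09:00:40 203.0.113.7 vpn bob FAIL -
2019-03-08T09:01:15 203.0.113.7 sso carol FAIL -
2019-03-08T09:02:03 203.0.113.7 sso dave FAIL -
2019-03-08T09:02:50 203.0.113.7 vpn erin OK no
2019-03-08T09:05:00 198.51.100.4 vpn frank FAIL -
2019-03-08T09:05:30 198.51.100.4 vpn frank OK yes
"""

def parse(log):
    """Turn each non-empty line into a dict with a parsed timestamp."""
    fields = ("time", "src", "endpoint", "user", "result", "mfa")
    events = [dict(zip(fields, line.split())) for line in log.splitlines() if line.strip()]
    for e in events:
        e["time"] = datetime.fromisoformat(e["time"])
    return events

def password_attack_sources(events, window=timedelta(minutes=10), min_users=4):
    """Sources whose failed logins hit >= min_users distinct accounts within window."""
    failures = defaultdict(list)
    for e in events:
        if e["result"] == "FAIL":
            failures[e["src"]].append((e["time"], e["user"]))
    flagged = set()
    for src, fails in failures.items():
        fails.sort()
        for start, _ in fails:
            users = {u for t, u in fails if start <= t <= start + window}
            if len(users) >= min_users:
                flagged.add(src)
                break
    return flagged

def logins_without_mfa(events, remote=("vpn", "sso")):
    """Successful logins on remotely reachable endpoints that did not complete MFA."""
    return [(e["user"], e["endpoint"], e["src"]) for e in events
            if e["result"] == "OK" and e["endpoint"] in remote and e["mfa"] != "yes"]

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print("possible password attack from:", sorted(password_attack_sources(events)))
    print("logins without MFA:", logins_without_mfa(events))
```

A single failed attempt followed by a successful MFA login, like the second source in the sample, is not flagged by either check.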
The Phishy Wipro Breach
In April 2019, IT consulting giant Wipro was investigating an advanced phishing campaign that targeted its employees. Flashpoint looked into the risk factors as well as the strategies, systems and methodology associated with this phishing attack. Wipro conceded that the breach was the result of phishing attacks on employees. Analysts found that Wipro staff were victims of the attacks and that the hackers had accessed more than 100 Wipro systems. Of the malicious domains, IP addresses, hashes and file names, Flashpoint experts were able to confirm that about six were phishing domains hosting templates used for credential phishing attempts. In this case, the attackers used a remote access tool, ScreenConnect, to get at internal data. The adversaries aimed to obtain the victim's Windows username and password so as to supposedly access encrypted email.
Data Breach in Toyota – Thailand and Vietnam
In mid-March, Japan's Toyota Motor Corporation discovered unauthorized access on servers at its subsidiaries in Thailand and Vietnam. On Toyota's Thai website, the organization issued a notice stating that some of Toyota's data in Thailand had been targeted by a cyber attack and that part of its customer information may have been accessed. After a month, the organization suffered a cyber attack on its Australian operations, which disrupted its IT systems, including phones and email communication. The organization found the worst attack on 21st March, when personal data belonging to 3.1 million customers was hacked because of a data breach in its Japan sales office. This data included names, addresses, dates of birth, occupation and other data. According to the organization, credit card details were not hacked.
According to the MITRE ATT&CK database, APT32 is a threat group that has been active since 2014. The group has targeted numerous private industries as well as foreign governments, dissidents and journalists. APT32 attacks have occurred mostly in Southeast Asia, including Vietnam, the Philippines, Laos, and Cambodia. The group mainly belongs to Vietnam.
Author: Yogesh Prasad
Ethical Hacker | Information Security Consultant | Cyber Security Expert