
Latest Cyberthreats and Advisories – October 7, 2022

Oct 07, 2022


U.S. government cyber alerts, updates on major data breaches and U.K. privacy crime…. Here are the latest threats and advisories for the week of October 7, 2022.

Threat Advisories and Alerts

Voters Should Remain Vigilant of Cyber-tampering Ahead of U.S. Midterm Elections

As the U.S. midterm elections near, voters may be concerned about tampering by cybercriminals. There’s a good reason. U.S. election systems continue to be a target for malicious threat actors. While cybercriminals may spread false claims about disrupting election infrastructure, the FBI and CISA have found no evidence that cyberactivity has ever affected the accuracy of voter registration information, prevented a voter from casting a ballot or compromised the integrity of cast ballots. Voters should, however, report suspicious election-related behavior or crimes to their local FBI Field Office.

Source: https://www.ic3.gov/Media/PDF/Y2022/PSA221004.pdf

Cybercriminals Steal Data from U.S. Defense Organization

State-backed hackers used the Impacket framework and a new, custom CovalentStealer malware to steal sensitive data from a U.S. defense organization. From November 2021 through January 2022, multiple advanced persistent threat (APT) groups are believed to have compromised the organization’s network. How can companies mitigate similar APT cyberattacks? CISA recommends keeping software up to date, auditing account usage and enforcing multifactor authentication. See the full CISA report for more details.

Source: https://www.bleepingcomputer.com/news/security/hackers-stole-data-from-us-defense-org-using-impacket-covalentstealer/

CISA Mandates Federal Agencies to Step up Their Cybersecurity Defenses

Federal civilian agencies will soon be required to more frequently scan for and report software vulnerabilities in their IT systems. CISA issued a directive this week requiring these agencies to automate IT asset discovery every seven days and scan for vulnerabilities across all technology assets (phones, laptops, mobile devices, etc.) every 14 days, among other requirements. Critical infrastructure is a continual target for threat actors as the sector typically operates with legacy technologies, which are more vulnerable to modern-day cyberthreats. Agencies have until April 3, 2023, to implement the CISA requirements.

Source: https://www.theregister.com/2022/10/04/cisa_software_vulnerability_directive/

Emerging Threats and Research

LAUSD School System Data Published by Vindictive Ransomware Gang

Last month’s ransomware attack on the Los Angeles Unified School District (LAUSD) has resulted in exposed data. This past Friday, LAUSD refused to pay Vice Society’s ransom. The school district released a statement saying they believe “public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.” A few days later, on Sunday morning, Vice Society published stolen data and documents from the LAUSD attack. Concerned students and parents should call the newly set up hotline (855-926-1129) for support.

Source: https://www.bleepingcomputer.com/news/security/ransomware-gang-leaks-data-stolen-from-lausd-school-system/

Optus Confirms Data of Nearly 2.1 Million Customers Was Exposed in Breach

The Australian telecom giant Optus confirmed earlier this week that the personal data of nearly 2.1 million customers was leaked during last month’s breach. According to Optus’s parent company Singtel, “Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised.” The personal information and expired IDs of around 900,000 other customers were also impacted by the breach. Optus customers should exercise caution in the coming weeks as the leaked data could result in an uptick of phishing attacks.

Source: https://thehackernews.com/2022/10/optus-hack-exposes-data-of-nearly-21.html

Four U.K. Firms Smacked with £370,000 Fine for Breaking Privacy Laws

Four U.K. companies have been fined a total of £370,000 by the Information Commissioner’s Office (ICO). The companies broke local privacy laws that protect people from nuisance marketing emails and calls. Over 820,000 marketing calls were made to individuals who had explicitly requested not to be contacted. Many of these calls were to vulnerable groups, such as the elderly and ill, and attempted to pressure them into buying products.

Source: https://www.infosecurity-magazine.com/news/ico-fines-four-predatory/

To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.