AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/02/2022

Medibank hackers announce ‘case closed’ and dump huge data file on dark web

The cybercriminals behind the Medibank cyber-attack have posted on the dark web what appears to be the remainder of the customer data they took from the health insurer, stating it is “case closed” for the hack. On Thursday morning, the blog – which returned online after several days of being offline last week – posted “Happy Cyber Security Day!!! Added folder full. Case closed.” and included a file that has several compressed files amounting to over 5GB. Guardian Australia has not verified the files, but the file size and the comments on Thursday indicate it could be the full amount of information the hackers took from the Australian health insurer.


Vatican hit by suspected cyber attack days after Pope criticises Russia

The Vatican’s website was down on Wednesday evening amid “abnormal access attempts”, according to the Holy See. “Technical investigations are ongoing due to abnormal attempts to access the site,” Vatican spokesman Matteo Bruni said. He did not give any further information. Throughout Wednesday, several Vatican sites were offline and the official Vatican.va website was inaccessible well into the evening. The suspected hack came a day after Moscow rebuked Pope Francis’s latest condemnation of Russia’s invasion of Ukraine.


Ransomware group may have stolen customer bank details from British water company

South Staffordshire Water, which supplies water for more than 1.7 million people in England, has said that an attempted ransomware attack in August may have enabled cybercriminals to steal customer bank details. At the time of the incident the company stressed that water supply was not affected, although its corporate network was experiencing disruptions. The company said in an update on Wednesday that customers who paid by direct debit may have had their bank details stolen. “Since the incident, we’ve been working with leading forensic experts to investigate fully what happened. Our investigation has now found that the incident resulted in unauthorized access to some of the personal data we hold for a subset of our customers,” the company announced.


Android and iOS apps with 15 million installs extort loan seekers

Over 280 Android and iOS apps on the Google Play and the Apple App stores trapped users in loan schemes with misleading terms and employed various methods to extort and harass borrowers. To fuel the operation’s extortion attempts, the apps stole excessive amounts of data from mobile phones not usually required to offer loans. In a new report by cybersecurity firm Lookout, researchers uncovered 251 Android and 35 iOS lending apps that were downloaded a combined total of 15 million times, mostly from users in India, Colombia, Mexico, Nigeria, Thailand, the Philippines, and Uganda.


The Supreme Court battle for Section 230 has begun

The first shots have been fired in a Supreme Court showdown over web platforms, terrorism, and Section 230 of the Communications Decency Act. On Tuesday and Wednesday, petitioners filed briefs in Gonzalez v. Google and Twitter v. Taamneh, a pair of lawsuits blaming platforms for facilitating Islamic State attacks. The court’s final ruling will determine web services’ liability for hosting illegal activity, particularly if they promote it with algorithmic recommendations.
