With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events, and noteworthy security incidents.
This week law enforcement disrupted the service of a platform allegedly used to distribute phishing messages to victims, news broke that insider threats are posing a significant problem to organisations due to the cost-of-living crisis, and update were release on the Roku breach.
Law enforcement disrupts service allegedly used in phishing scams
Authorities have arrested 37 individuals globally and are reaching out to potential victims in connection with a technology service suspected of facilitating phishing scams. This service reportedly enabled individuals with limited technical knowledge to send fraudulent text messages designed to deceive victims into online payments.
The focus of the investigation shifted to LabHost, a platform allegedly used by the suspects to distribute the messages and direct victims towards fake websites mimicking legitimate online payment or shopping platforms.
SoumniBot malware exploits Android bugs to evade detection
This week, researchers have revealed the discovery of a new Android banking malware, SoumniBot, that employs an uncommon obfuscation method. This technique exploits vulnerabilities within the Android manifest extraction and parsing process, potentially allowing SoumniBot to bypass standard phone security measures and steal user information. The researchers' analysis details the specific methods SoumniBot utilises to exploit the Android manifest parsing routine.
Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites
Cifas, a non-profit organisation focused on fraud prevention, identified a 14% year-on-year increase in insider threat incidents recorded in their Insider Threat Database (ITD) for 2023. The ITD tracks individuals reported for "dishonest action to obtain benefit by theft or deception."
Cifas suggests that the rise of remote work arrangements may be a contributing factor. Member organisations reportedly indicated reduced supervision as a potential enabler of such dishonest behaviour for personal gain. Examples cited include holding undisclosed secondary employment or selling company property online.
Ransomware gang starts leaking alleged stolen Change Healthcare data
The RansomHub group has published data it claims to be confidential information from Change Healthcare, a subsidiary of United Health. This follows a cyberattack on Change Healthcare in February 2024 that significantly disrupted the United States healthcare system by hindering insurance claim processing.
Roku Announces Data Breach Affecting Over Half a Million Accounts
Streaming platform Roku disclosed a data security incident impacting over 576,000 user accounts on Friday. The company reported unauthorised purchases on a limited number of these accounts. This incident follows a previous disclosure in March 2024 where thousands of Roku accounts were compromised.
Research Highlights Increased Targeting of SAP Vulnerabilities in Ransomware Attacks
A collaborative study by Flashpoint and Onapsis indicates a significant rise in threat actors targeting SAP vulnerabilities. The research, based on threat intelligence from both organisations, reveals a fivefold increase in SAP systems compromised by ransomware attacks since 2021.
The study identifies multiple, unpatched vulnerabilities at the application level of SAP systems as a common entry point for these ransomware campaigns.
One way to discover, manage and risk assess vulnerabilities that affect your business is by using Attack Surface Management tools. Remaining well-informed about the latest developments in the industry is paramount in combating cybercrime. By staying abreast of relevant news, leaders can make informed decisions, proactively implement security measures, and effectively protect their organisations from cyberattacks. Maintaining a vigilant mindset, adhering to best practices, and leveraging cutting-edge technologies are all essential elements in constructing a secure digital future.