
NCSC Warns That AI Creates Greater Ransomware Threat and More in This Week's Cyber News

Police disrupt Grandoreiro banking malware operation

The Grandoreiro banking malware operation, responsible for financial fraud in Spanish-speaking countries since 2017, has been successfully dismantled by the collaborative efforts of the Federal Police of Brazil and cybersecurity researchers. ESET, Interpol, the National Police in Spain, and Caixa Bank played crucial roles by contributing vital data that led to the identification and apprehension of individuals behind the malware's infrastructure. Brazil's federal police disclosed the arrest of five individuals and the execution of thirteen search and seizure operations in Sao Paulo, Santa Catarina, Para, Goias, and Mato Grosso.

Financial organisations are prime targets for cybercriminals, as they store an abundance of sensitive data about customers.

Energy giant Schneider Electric hit by Cactus ransomware attack

It has been reported that Schneider Electric has fallen victim to a Cactus ransomware attack that resulted in the unauthorised acquisition of corporate data. The incident occurred on January 17th, primarily affecting Schneider Electric's Sustainability Business division. The attack caused disruptions to certain functionalities of the Resource Advisor cloud platform, with ongoing outages reported.

The ransomware group responsible allegedly absconded with terabytes of corporate data and is currently pressuring the company by threatening to disclose the stolen information unless a ransom is paid. While the nature of the pilfered data remains undisclosed, it is noteworthy that the Sustainability Business division offers consultancy services to enterprises, specialising in advising on renewable energy solutions and assisting in navigating intricate climate regulatory requirements globally.

NCSC Warns That AI Creates Greater Ransomware Threat

A recently published report from the National Cyber Security Centre (NCSC), a division of GCHQ, warns that artificial intelligence (AI) will drive an imminent rise in the global ransomware threat over the next two years. The report emphasises that AI is currently being harnessed for malicious cyber activities and is anticipated to significantly increase both the frequency and severity of cyberattacks, with a particular focus on the proliferation of ransomware.

Looted RIPE Credentials for Sale on the Dark Web

Hundreds of network operator credentials, stolen through compromised RIPE accounts, have surfaced on the Dark Web. RIPE, the repository for IP addresses and their corresponding owners across the Middle East, Europe, and parts of Africa, has become a frequent target. In recent attacks, assailants have compromised account logins with the intent of collecting valuable information, as highlighted in a blog post by researchers from Resecurity.

Our CTO, Elliott Wilkes, says: "Organisations that use contractors and remote staff to complete engineering tasks absolutely must deploy tools to protect their privileged access. In these companies, engineers often will have elevated or admin access to critical legacy systems."

US disabled Chinese hacking network targeting critical infrastructure

In recent months, the U.S. government initiated an operation to combat an extensive Chinese hacking campaign that had infiltrated thousands of internet-connected devices, according to information provided by two Western security officials and an individual acquainted with the situation.

Reuters reported that the Justice Department and the Federal Bureau of Investigation (FBI) obtained legal authorisation to remotely deactivate certain elements of the Chinese hacking campaign as part of their efforts to address the cybersecurity threat.

As always, it’s important that business leaders stay ahead of the latest cybersecurity developments. Informed leaders are better equipped to make strategic decisions, proactively integrate security measures, and fortify their organisations sufficiently against cyber threats.

Crucially, maintaining a vigilant mindset, adhering to best practices, and adopting the latest technology are all integral parts of constructing a secure digital future. Embracing these principles protects us today and sets us up for a safer future.