Israel Cyber Attack on Iran Port and Texas Transport Ransomware Attack

Cybersecurity Insiders

On May 9th of this year, computer systems at Iran’s Port of Shahid Rajaee were hit by a cyber attack that disrupted port operations for hours, held up vessels, and created a traffic jam on the way to the port as thousands of goods delivery trucks were stranded in confusion.

At that time, the Foreign Ministry of Iran said that the digital invasion was caused by a hacking group funded by a foreign nation, but did not name the country.

Now, 10 days later, a statement released by Mohammad Rastad, Managing Director of the Ports and Maritime Organizations, says that Israel could have launched the attack in retaliation for Iran’s cyberattack on Israel’s water distribution and utilities on April 24th, 2020.

Meanwhile, the Texas Department of Transportation (TxDOT) has stated that a ransomware attack partially disrupted its systems at the end of last week. It took place just a week after the Texas State Judiciary system suffered a file-encrypting malware attack.


NHS rejects Google and Apple Coronavirus tracking app due to data security fears

Cybersecurity Insiders

Last week, Apple and Google came forward to offer the NHS a coronavirus tracking app along the lines of India’s Aarogya Setu mobile app.

However, the UK’s government-funded healthcare service provider rejected the offer due to data security concerns, as the tech giants said that the app they developed jointly will run on a central database fully under their control, creating a blueprint for unethical mass surveillance after the Wuhan Virus spread ends in the UK and Europe.

Therefore, the NHS decided to build its own app, which runs on a centralized information collecting system and will be ready for use by Britain’s population in two or three weeks.

NHSX, a digital arm of the NHS, will be building the app, which will not only help users track COVID 19 patients but will also share insights on the spread of the pandemic, the mitigation measures taken by the government to stop the spread, the number of people infected, recovered and dead, and some precautionary measures users can take to help flatten the curve of the Coronavirus infection spread.


Ransomware attack on US Pharma Company ExecuPharm

Cybersecurity Insiders

ExecuPharm, a US-based pharmaceutical company, is reported to have become a victim of a ransomware attack on March 13th, 2020. As per a letter sent by the company to the Attorney General of Vermont, details such as social security numbers, financial info, driving license details, passport numbers, and other sensitive data might have been accessed and stolen by hackers.

News is out that the hackers belonging to the CLOP ransomware group have posted a vast cache of data including email records, financial data, and accounting records along with user docs and data backups on the dark web.


Apple iPhones are vulnerable to Email hacks

Cybersecurity Insiders

Apple iPhones are vulnerable to email hackers, says ZecOps, a cybersecurity startup from San Francisco. The firm confirmed that a few Apple iPhone customers were targeted by cyber-attacks via email in the summer of last year, in which hackers were found triggering hacks leveraging unknown vulnerabilities.

A source from Apple Inc confirmed the susceptibility and gave assurance that a security patch for the email vulnerability will be issued in the upcoming release of Apple’s iOS 13.

In a statement to Motherboard, Zuk Avraham, the founder of ZecOps, confirmed that the flaw can be exploited using the iPhone’s default Mail app and said that hackers might use it against VIPs, executives across multiple industries and owners running Fortune 500 companies, as all these tech geeks are fond of Apple devices.

What’s interesting in this whole attack saga is that the hackers tried to cover their tracks by deleting the emails which triggered the hack via Zero-Click definition.


Ransomware Attack on Canada Accounting Firm MNP

Cybersecurity Insiders

MNP LLP, a leading accounting firm in Canada, has admitted that it became a victim of a ransomware attack which it identified on April 5th, 2020, forcing officials to shut down systems to contain the malware spread.

All MNP employees have been asked via mobile text messages to bring their own computing devices and get them secured by the IT staff before reconnecting to the servers.

A third-party security firm has been hired to investigate the incident, and around 80 offices related to MNP will remain closed until data access is restored to normal.

Bleeping Computer, which first reported the incident, says that the Canadian accounting firm follows a typical work schedule of 37.5 hours a week. Any employee working more than the prescribed hours is rewarded with the ability to take time off depending on the extra hours he/she worked in the previous week.


Data Breach at San Francisco International Airport

Cybersecurity Insiders

A hacking group that infiltrated the network of San Francisco’s International Airport in March 2020 is reported to have accessed login credentials used by employees on two of its websites, SFOConnect.com and SFOConstruction.com. The interesting part of this hacking story is that the threat actors were not interested in the data on the websites, but rather in the login credentials of those accessing the websites from their respective Windows devices and IE browsers.

Authorities from the 7th busiest airport in North America are urging users to change their email and Windows device passwords accordingly and said that an email alert in this regard will be sent to the victims by this weekend.

Cybersecurity Insiders has learned that the breach took place when hackers maliciously injected code into the two websites to steal the user credentials. Both websites were pulled down as soon as the incident was identified. SFOConnect was restored last week and SFOConstruction will be restored by the end of this week.


Zoom App hires Facebook Security Chief after ban from Google and Amazon

Cybersecurity Insiders

After Google, Amazon, and Microsoft told their workforces not to use the video conferencing app for any business purposes, Zoom has appointed ex-Facebook Chief Security Officer Alex Stamos as an adviser to improve security and privacy on the rapidly growing communication platform amid stiff backlash.

Alex will be taking control of his office from early this week and will be helping Zoom in rebuilding a security program that can be trusted by its users across the world.

During the Coronavirus pandemic and lockdown, millions of users turned to the Zoom app to meet their work-from-home communication needs. For instance, many schools and educational institutes in North America started using the app as a platform to host online classes.

However, things turned negative when Patrick Wardle, a former NSA hacker, discovered several vulnerabilities in the remote working app which let hackers take control of the webcam and the microphone of users.

This triggered panic among users who then started to look for alternatives such as Microsoft Teams and Cisco’s WebEx due to privacy concerns.


China starts attacking Trump for Coronavirus outbreak with fake Facebook ads

Cybersecurity Insiders

China has started to pin the blame on US President Donald Trump by creating fake Facebook (FB) ads which blame the 73-year-old president for the outbreak of Novel COVID 19.

After hearing a lot from the world that the country started a bio war by developing Corona Virus in the labs of Wuhan and spreading it across the globe, the Xi Jinping-led nation is now seen turning the tables on North America.

According to a report published in the Telegraph, 3 Chinese media outlets named Xinhua, China Central Television and The Global Times are seen heavily publicizing the blame on social media platforms such as Facebook and Instagram in the form of concealed political ads, which might be retaliation for the trade ban imposed on China by the Trump administration last year.

Highly placed sources say that a team of digital warriors has been assigned the task of tarnishing the image of North America by pinning on it the blame for the Chinese Virus spread. News is out that they are doing it under the guise of posting non-political ads from nations that aren’t on the blacklist of Facebook. Furthermore, short article-driven ads are being posted on Instagram in English, Chinese and Arabic to ensure the spread attains a 100% success rate.


Japan to invest $237.12 million in Artificial Intelligence to counter Cyber Attacks

Cybersecurity Insiders

The Ministry of Defense (MoD) of Japan has confirmed that it is going to invest over 25.6 billion Yen or $237.12 million in USD to develop Artificial Intelligence-based tools to counter cyber attacks.

Japan aims to develop an all-inclusive AI system that can detect malevolent emails, respond to cyberattacks in an automated way through machine learning skills and eventually neutralize the effect of attacks on public and private sector targets.

The MoD is also planning to procure a Cyber Information Gathering System for $31.5 million to gather tactics, techniques, and procedures (TTP) or to adhere to Self-Defense Forces (SDF).

Highly placed sources say that the government of Japan woke up to a digital alert when a massive-scale cyber attack was launched on Mitsubishi Electric by a hacking group from China.

Some media resources from Japan reported on an international note that some critical info about the MoD and the Nuclear Regulation Authority was accessed and stolen by hackers in the attack. Furthermore, digital documents related to private firms, railway operators and a car manufacturer’s visionary approach for the year 2022 were also reportedly accessed by the threat actors.

To prevent such attacks any further on public and private entities, Japan’s MoD has now initiated measures to thwart such attacks shortly. And as a plan to strategize a framework to defend the critical infrastructure from cyber attacks the company.


Microsoft disinvests from Israeli Startup due to Espionage allegations

Cybersecurity Insiders

Microsoft has made it official that it is going to withdraw from an investment agreement made with an Israeli startup which was developing facial recognition software. Although the company never made its reason for the disinvestment clear, a source from the tech giant says that the decision was taken after it learned that the startup’s product was being used by the government to conduct surveillance on the populace of the West Bank, a region located near the border of Jordan.

The company in question is AnyVision, a Tel Aviv-based company offering facial recognition software.

Highly placed sources say that the AnyVision facial recognition software was being used to monitor border crossings between the West Bank and Israel. But it is still not clear whether the videos are a part of mass surveillance programs similar to the espionage program being conducted in China.
