Tsaaro Weekly Privacy Newsletter
18th March, 2022

Holi is here and thus starts the festive season of this country with vibrant colours!

The holiday & vacation season has almost arrived, and this is the time of year when consumer spending reaches new heights. As the number of online and physical transactions has grown, so has the risk of cyberattacks on individuals and organizations. As a result, increasing cybersecurity measures, particularly for banks and financial organizations, is a must.

Cybercriminals target digital payment systems all year, but maybe even more so during periods of increased purchasing activity, such as the holiday shopping season. 77 percent of Indian enterprises encountered downtime due to cybersecurity risk during the peak festive season in 2020, while 81 percent of global organizations saw elevated cyber attacks during Covid-19.

Cyberattacks can corrupt, destroy, or steal sensitive data, intellectual property, and funds, resulting in fraud, embezzlement, identity theft, and disruption of normal corporate operations.

Cybercriminals can sell sensitive information or spy on businesses and their customers. According to McAfee, IT professionals believe the holidays are the most difficult peak periods for cybercrime. While 52 percent of those polled stated that crime spiked around festivals like Diwali, Ramadan, and Christmas, 32 percent said bank holidays were the largest risk, and 12 percent claimed that crime spiked during summer vacations in schools and universities.

Major Privacy Updates of the Week

Major Cyberattack crashes Israeli Government Website

A number of Israeli government websites went down in an apparent cyberattack as the country’s cyber authority confirmed it was a DDoS attack that had blocked access to government websites, and that all websites were back online. A defence establishment source claims that this was the largest-ever cyber attack carried out against Israel and the attack hit websites using the .GOV.IL domain, which is used for all government websites save for defense-related ones. Another website that uses this domain is the government database. Despite this, some of the websites can still be accessed via smartphone.

Ubisoft becomes the newest victim of the Hacking group LAPSUS$

French video game company Ubisoft has admitted that a cyber security incident temporarily disrupted some games, systems, and services. The incident came to light after graphics chip maker Nvidia and South Korean giant Samsung suffered a data breach this month. Ubisoft said its IT teams were working with leading external experts to investigate the issue. “As a precautionary measure, we initiated a company-wide password reset. Also, we can confirm that all our games and services are functioning normally and that at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident.”

Car Parts Giant Denso Targeted by Ransomware Group

Denso, one of the world’s largest technology and component providers for the automotive industry, said its network was illegally accessed on March 10.

The Fortune Global 500 Company shut down the network connections of compromised devices after detecting the breach. The incident has not led to disruption of production activities, with plants operating normally, Denso said. While the company has not shared any information about the attackers, a cybercrime group named Pandora has taken credit for the attack, claiming to have stolen 1.4 Tb of data. In an effort to demonstrate their claims, the hackers have made available a list of files allegedly stolen from Denso, as well as several images of documents. Based on the list of files provided by the hackers, tens of thousands of documents, spreadsheets, presentations, and images have been compromised, including many that reference customers and employees.

Nasty Linux Netfilter firewall security hole found.

Sophos threat researcher Nick Gregory has uncovered a bug in Linux Netfilter. The bug allows an attacker to launch DDoS attacks and achieve kernel code execution on compromised devices. Linux Netfilter is a Linux security program that controls access to and from Linux’s network stack. The bug, tracked as CVE-2022-25636, has a 7.8 severity score. It is present in the Linux kernel versions 5.4 to version 5.6.10. Other affected distribution releases include Red Hat Enterprise Linux (RHEL) 8.x, Debian Bullseye, Ubuntu Linux, and SUSE Linux Enterprise 15.3. Highlighting how dangerous the bug is, Red Hat explained that the flaw “allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a privilege escalation threat.”

Cyberattack on Ukrainian Internet provider Triolan.

Triolan is a collective of independent network operators in Ukraine that is a major broadband provider in the country, typically among the top five to ten carriers in terms of global traffic flow, according to Madory. But web traffic involving Triolan dropped dramatically around 10:30 pm local time on Wednesday, and it’s still far below normal levels based on assessments from Madory and traffic flows from the Internet Outage Detection and Analysis Project at Georgia Tech University. In a statement posted to Telegram on Thursday, Triolan attributed the service disruptions to what the company described as the second round of cyberattacks, which disabled routing equipment in ways that left the company unable to recover service remotely.
