On Thursday evening, around 6:25 PM, Uber announced that it was responding to a cybersecurity incident. While Uber hasn’t gone into details about what happened, the purported threat actor has openly corresponded with several security professionals, including Sam Curry at Yuga Labs, Corben Leo at Zellic.io and The New York Times. According to both Curry and Leo, multiple systems were impacted.
IHG Hotels & Resorts, the hotel group that owns the Holiday Inn and Intercontinental brands, experienced a cyber attack in the first week of September. The attack has impacted the central hotel’s booking system and mobile apps, causing a service outage for several days. Loyalty program members could not log in or create new bookings during this time.
Read also: Microsoft fixes a Windows zero-day, the US sanctions Iranian hackers linked to ransomware attacks, and more.
At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively collecting open-source intelligence (OSINT), which drew interest from various threat actor groups. Heightened interest in the OSINT data led to additional actors joining , growing its membership to include not only Russian cyber criminals, but uniting other cyber gangs sympathetic to Russia.
On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.
As cyberattacks become more sophisticated and frequent, developers and security teams often become overextended in their efforts to protect their software and applications. In an article for Security, Daniel Elkabes, Mend’s vulnerability research team leader, highlights what cybersecurity leaders should invest in now to help set up their teams for the future.
Cyber-attacks happen around the clock, far more often than can ever be reported outside of the organizations they affect. But sometimes an attack is so widespread and devastating that it sends shockwaves through the business world and even into the mainstream media. Incidents like SolarWinds and Log4j were front page news, sending organizations scrambling to patch them.
In an increasingly digital world, cybersecurity is a significant – and relevant – threat to individuals and companies alike. Cybercriminals are constantly devising new ways to steal information for personal gain through exploitation or ransom demands. It’s become unfortunately commonplace to hear tales of drained checking accounts, leaked photos, and private documents being published to the masses.
Throughout the first half of 2022, Vedere Labs published analyses of prominent ransomware families, such as Conti, Night Sky and ALPHV. We also examined well-known ransomware incidents such as the attacks on the NFL’s SF 49ers by the BlackByte group; on a UK water utility, where the Clop gang managed to access their SCADA system; and on an NHSsoftware provider, where an unknown group managed to disrupt healthcare services in the UK for weeks.
