An Optus store. (Photo: Optus)

Optus Under $1 Million Extortion Threat in Data Breach

Jeremy Kirk • September 25, 2022

Australia’s Optus telco is facing a $1 million extortion demand to prevent the release of up to 11.2 million sensitive customer records. The data appears to be legitimate. The attacker tells ISMG an unauthenticated API lead to the breach.

Cloud Access Security Brokers (CASB)

Public Water Systems at Cybersecurity Risk, Lawmakers Hear

Latest

Cybercrime

Metador Threat Group Targets Telcos, ISPs, and Universities

Prajeet Nair • September 24, 2022

Researchers uncovered a never-before-seen advanced threat actor dubbed Metador targeting telecommunications, internet service providers and universities in several countries in the Middle East and Africa for cyberespionage. They found two different Windows-based malware platforms.

Business Email Compromise (BEC)

HHS HC3 Warns Health Sector of Monkeypox Phishing Schemes

Marianne Kolbasuk McGee • September 23, 2022

Scammers are taking advantage of the monkeypox virus outbreak to launch phishing campaigns targeting healthcare providers and public health organizations to harvest credentials, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center says.

Business Email Compromise (BEC)

Sweepstakes Spam Hackers Used Microsoft Infrastructure

Prajeet Nair • September 23, 2022

Hackers behind a campaign of deceptive sweepstakes spam hacked their way into Azure cloud accounts that lacked multifactor authentication and obtained admin privileges for Exchange servers. Microsoft advises turning on MFA and other measures such as conditional access.

Multi-factor & Risk-based Authentication

ISMG Editors: How a Teen's Hack of Uber Adds to MFA Crisis

Anna Delaney • September 23, 2022

In the latest weekly update, ISMG editors discuss the industrywide implications of a teenager hacking into Uber's internal systems, key trends in the new Gartner SD-WAN Magic Quadrant report, and how ethics and security culture are center stage due to recent CISO revelations at Uber and Twitter.

Fraud Management & Cybercrime

Ransomware's Future: A Continuing Money Spinner

Jeremy Kirk • September 23, 2022

What is the future of ransomware, and is it going to continue with the same intensity of the last few years? Michael DeBolt of Intel 471 says anti-ransomware efforts, including government action and better cybersecurity practices, are working. But ransomware isn't going away soon.

Fraud Management & Cybercrime

Portuguese Airliner Vows Defiance Against Extortion Hackers

Mihir Bagwe • September 22, 2022

The chief executive of Portugal's state-owned airline said she will not negotiate with hackers even as the Ragnar Locker ransomware-as-a-service group posted online the data of 1.5 million customers. "We hope you support us in this ethical attitude," said Christine Ourmières-Widener.

Cybercrime

Capital One Moves Past 2019 Hacking Incident

David Perera • September 22, 2022

Credit card giant Capital One is moving past its 2019 hacking incident as federal regulators stop requiring quarterly updates on efforts to improve cybersecurity and a federal judge signs off on a $190 million settlement in a proposed class action lawsuit.

Leadership & Executive Communication

Profiles in Leadership: Errol Weiss

Tom Field • September 22, 2022

Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?

Breach Notification

Australian Telco Optus Warns of 'Significant' Data Breach

Mathew J. Schwartz • September 22, 2022

Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.

3rd Party Risk Management

Hacks Spotlight PHI Risks For Ambulance Cos., Vendors

Marianne Kolbasuk McGee • September 22, 2022

Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.

Endpoint Security

It's 2022. Do You Know Where Your Old Hard Drives Are?

Anna Delaney • September 22, 2022

The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.

Cyberwarfare / Nation-State Attacks

Universities Urged to Defend Sensitive Research From Hackers

Michael Novinson • September 21, 2022

Cyberattacks against universities have forced academia to implement new rules and processes to safeguard sensitive research from adversaries such as China, Russia and Iran. Texas A&M set up an office in 2016 to oversee security around scholarship, and the office works to prevent foreign influence.