Good morning, hope you’re staying warm. We’ve got some cybersecurity news for you this morning if you’re interested.
1. Microsoft (sort of) points finger following DDoS attack
Earlier this month, Microsoft’s Office suite was facing pretty severe service issues. A hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Per AP we learn that Microsoft has now disclosed that DDoS attacks by the group were indeed to blame. In a blog post, Microsoft said the attacks “temporarily impacted availability” of some services. It said the attackers were focused on “disruption and publicity” and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.
2. Reddit hack worse than first thought
Back in February, Reddit said it was hacked, with the security incident compromising some company data. At the time, it said users didn’t need to worry as their data was safe. But now, per a report from BleepingComputer, the threat actors claim to have stolen 80GB of data from the company. Reportedly, the phishing attack allowed the threat actors to gain access to Reddit’s systems and steal internal documents, source code, employee data, and limited data about the company’s advertisers. That said, Reddit maintains that production systems were not breached, and no user passwords, accounts, or credit card information were impacted.
3. NAB says it’s looking into HWL Ebsworth breach
HWL Ebsworth, a large Australian law firm that reportedly had 1.45 terabytes of data containing over a million documents published to the dark web earlier this year, has continued to take victims. Yesterday, the National Australia Bank put out a statement to clarify its status: “We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber-attack. NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters.” Per the Australian, Russia-linked ransomware gang BlackCat, also known as AlphV or Alpha Spider, hacked HWL Ebsworth’s Melbourne servers in late April, and tried to extort the company into paying a ransom. When the company refused, the hackers posted some of the data online.
4. MOVEit breach takes more victims
Consulting firm PwC has been swept up in a global cybersecurity breach, one that the AFR says threatens to embroil more Australian companies. Per the report, the Russian-linked cybercrime group Cl0p first broke into file-sharing software ‘MOVEit’ in May and began stealing data from entities including U.S. federal agencies and multinational organisations. We expect victims of this attack to grow more every day.
5. Human error breach at Libraries Tasmania
Staying in the cybersecurity space for one last item and the ABC is reporting that information was inadvertently published on the Libraries Tasmania website, thanks to human error. Per the report, it’s understood about 560 records from the site which were transferred to Tasmanian Archives went live on the archives’ website on May 5 and were removed June 15. The records concerned spanned from 1979 to 2006 and included a mix of conservation, archaeology, land management, and administration files, some of which includes staff related matter and some personal details. The organisation said that while some employee information was made live, this did not contain tax or banking information.
BONUS ITEM: Now for something not cybersecurity related….
See you tomorrow.