What’s going on around the world with attacks, hacks and breaches?
Technology giant Olympus hit by BlackMatter Ransomware
Olympus was hit with a ransom from BlackMatter on September 8th 2021 affecting their European, Middle East and Africa networks. A person with knowledge of the ransom leaked this news before Olympus had chance to address it!
BlackMatter left the ransoms on infected computers stating “Your network is encrypted, and not currently operational. If you pay, we will provide you the programmes for decryption”. Whilst leaving a web address that is known to be used by BlackMatter to communicate with their victims that is only accessed via the Tor browser.
“We are currently investigating a potential cyber-security incident. We are currently working to determine the extrent of the issue and will continue to provide updates as new information becomes available”
Olympus’ statement regarding the ransom
There have been no further updates to this attack. Check out Umbrella – which blocks C2 callbacks!
University of Oulu suffers data breach at the hands of phishing
Between 700-800 people’s passwords and usernames were acquired by a data phishing attack! The IT management team blocked certain usernames and changed passwords to damage control.
This does not seem that big of a deal does it? Are you aware of how many people use the same username and passwords (click here for the importance of strong passwords) across all of their accounts? You would be surprised. It takes only one cyber-criminal to hack this, enter your email, reset that locking you out and then reset any account linked to said email i.e. online banking! Using DUO multi-factor authentication will help keep you safe! Take a look.
Fortinet has warned that 87,000 set of credentials have been published online
Fortinet have confirmed that credentials taken from 87.000 unpatched Fortinet SSL-VPNs have been leaked online. These are for IP addresses worldwide. Using the leaked VPN credentials, attackers can perform data exfiltration, install malware and launch ransomware attacks. Fortinet released a statement:
“The security of our customers is our first priority. Fortinet is aware that a malicious actor has disclosed on a dark web forum, SSL-VPN credentials to access FortiGate SSL-VPN devices. The credentials were obtained from systems that have not yet implemented the patch update provided in May 2019. Since May 2019, Fortinet has continuously communicated with customers urging the implementation of mitigations, including corporate blog posts in August 2019, July 2020, April 2021 and June 2021 For more information, please refer to our latest blog and PSIRT advisory. We strongly urge customers to implement both the patch upgrade and password reset as soon as possible.”
Fortinet’s statement
This month looks like it is a popular month to take a look at DUO! Your cyber-security is extremely important!
Details of French visa applicants exposed
More than 8,000 people’s details who applied for a French visa have been exposed following a cyber-attack. Including in these details were their names, date of birth, nationality and passport numbers. The French Ministry of Foreign Affairs and Ministry of Interior released the following statement:
“The attack had been quickly neutralised but the personal details had been leaked”
French Ministry of Foreign Affairs and Ministry of Interior
All attacks are worrying, however it can happen to anyone or any organisation. Please ensure you have a solid cyber-security plan, solutions and a back-up plan should you be attacked. The FBI once quoted: “There are two types of companies, those who have been hacked and those who are yet to be hacked”. Check out our full portfolio of Cisco security here!
Should you wish to contact us for a no obligations chat – we are more than welcome to do this and also offer your organisation a FREE security audit!