A group of hackers has published the personal details of hundreds of German politicians, as well as German artists and local YouTube celebrities.
The data was uploaded online and later promoted via Twitter, starting a few days before the Christmas holiday. The source of the data appears to be the victims’ smartphones. Details about how the data was stolen and exfiltrated from infected phones remain unclear at the time of writing. According to German news outlets [1, 2, 3], the leaked data contains names, home addresses, phone numbers, email addresses, photo IDs, personal photos, and personal chat histories.
Read more about the disturbing data leak on ZDNet.
The website of Luas, the tram system operating in Ireland’s capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days.
Early morning visitors to the website were greeted with a message from the hackers, claiming that data had been stolen from operator Transdev Ireland, and would be published on the internet unless a ransom demand of one Bitcoin (approximately 3,300 Euros or US $3,800) was paid. In the message, the hackers claim that they previously contacted the tram operator about security vulnerabilities and were aggrieved that they received no response.
Read more about the attack on the Luas website on Tripwire.
A hacker has stolen the personal details of 7.6 million users of the browser-based game “Town of Salem,” BlankMediaGames (BMG) has admitted in a blog post. The hack came to light after a mysterious person sent a copy of the stolen data to DeHashed, a commercial data breach indexing service.
DeHashed says it spent the entire Christmas and New Year holiday trying to contact BMG and alert the game maker to the hack and its still-compromised server. The hacked servers were finally secured and “multiple backdoors removed” this week. The compromised information appears to include usernames, email addresses, encrypted passwords, IP addresses and more.
Read more about the Town of Salem data breach on ZDNet.
A new hacking campaign is underway that is targeting Chromecast adapters, Smart TVs, and Google Home in order to play a YouTube video promoting PewDiePie’s YouTube channel.
Since the battle to have the most subscribers began between the YouTube channels of PewDiePie and T-Series, a hacker who goes by the name TheHackerGiraffe has been performing creative attacks that promote PewDiePie’s channel. First they sent print jobs promoting PewDiePie to Internet-connected printers. Now they are targeting Internet-connected devices that support Chromecast and forcing them to play a YouTube video.
Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve. The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. newspapers over the weekend.
Data Resolution LLC provides software hosting, business continuity systems, cloud computing and data center services to some 30,000 businesses worldwide. The company has not yet responded to requests for comment.
Over the last couple of years, we have seen a marked shift in cyber-attacks. Traditionally, hackers have focused on theft; stealing data is easily monetizable, which meant that headline attacks tended to involve the breach of personal information or intellectual property. But now a new kind of threat is on the rise. Attacks now involve sabotaging and disrupting the technology systems that support manufacturing, energy generation, and transportation.
Hackers have increasingly focused their attention on breaking into industrial environments. Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Read more about critical infrastructure attacks on SecurityWeek.
In businesses around the world, 2018 showed us that cyber security vulnerabilities continue to grow and evolve. The business impact and complexity of managing cyber security is increasing dramatically, as is the need to justify cyber security investments and provide reporting relevant to the business to prove the value of those investments.
Advances in technology like artificial intelligence and machine learning accelerate the pace of new, data-driven solutions, but this can be a dual-edged sword as bad actors can leverage them into more sophisticated attacks on companies that are just trying to stay abreast of current threats.
Read about the cybersecurity predictions for 2019 by Adrian Nish, Head of Threat Intelligence at BAE Systems, on BAE Systems.
The potential impact of cyber attacks on the economy of the world’s largest cities has risen by nearly nine per cent in the last year, according to the 2019 update of the Global Risk Index from the Centre for Risk Studies at Cambridge Judge Business School. Cyber risk has now risen from seventh to sixth place among global threats in the index.
The research is unique in making an annual quantification of the potential GDP impact of unpredictable shocks on the world’s most prominent cities. The 2019 update to the Global Risk Index sees a uniform rise in GDP@Risk across all the 279 world cities that make up the index and more significant increases in risk for some urban centres.
Read more about the findings of the Global Risk Index on BusinessWeekly.
The biggest threats online continued to mirror the biggest threats in the real world, with nation states fighting proxy battles and civilians bearing the brunt of the assault. In many cases, the most dangerous people online are also the most dangerous in the real world. The distinction has never mattered less.
Read the list of most dangerous people on the Internet for 2018 on Wired.
A server outage at Tribune Publishing on Saturday that prevented the distribution of many leading U.S. newspapers, including the Wall Street Journal, New York Times, Los Angeles Times, Chicago Tribune and Baltimore Sun, was actually nothing of the sort.
Instead, it appears to have been a cyber-attack involving what is thought to have been a version of the highly successful Ryuk ransomware family. Interestingly, Ryuk is often attributed to the Lazarus Group, which is thought to operate out of China but in the hands of North Korean threat actors.
Read more about the ransomware attack on Tribune Publishing on Forbes.