Cybersecurity researchers have found a flaw in the encryption algorithm used for GPRS or 2G cell phones. This may have allowed hackers to gather information on data traffic for over 20 years. Experts suggest that the flaw in GEA-1 was created intentionally to allow a backdoor for law enforcement agencies. The GEA-1 algorithm was supposed to be removed from smartphones back in 2013 but researchers have found them in android and iOS devices, as well.
Cyber threat intelligence company, Cyble has hired Rishi Mehta as their new CISO. The company specialises in empowering global organisations with dark web, cybercrime monitoring and mitigation services. Mehta is a veteran with experience of over two decades. He formerly worked with Target for six years as Senior Director, Technology. He has also worked with Religare, CitiFinancial, and Genpact. At Cyble he is expected to manage infosec functions.
Volkswagen, in a statement, said a data breach at a vendor has affected 3.3 mn customers and potential buyers in North America. Almost all of them were customers or potential buyers of Audi. The vendor had left sales and marketing information from 2014-19 in an e-file unsecured. Limited personal information about customers and potential buyers was exposed to hackers. VW will offer free credit protection services to the 90,000 customers affected by the leak.
JBS USA paid a sum of $11mn after its system was hacked and its operations in North America and Australia were affected. Last week, post cyberattack, cattle slaughtering at all of its plants in the US were stopped for a day, which threatened to increase the prices. Investigations are being carried out and till now no company, employee, or customer data has been leaked. Russian groups REvil and Sodinokibi have been identified as the attacker.
The US justice department said it has recovered cryptocurrency worth $2.3 mn which was paid by the Colonial pipeline to the ransomware attackers. 63.7 bitcoins worth $2.3 mn have been seized were part of the $5 mn ransomware Colonial paid to the hackers to gain access to IT infrastructure. The White House has urged companies to improve cybersecurity. The cyberattack will also be discussed this month in the meeting between the presidents of the US and Russia.
Google is in the works to launch new safety features along with a new scanning tool for risky downloads. This will be done to safeguard users from phishing attempts. ‘Enhanced safe browsing’ launched in 2020, will provide additional protection. Google claims, ‘Enhanced safe browsing’ users are 35% less phished than other users. Last year after the Chrome web store was integrated with Google safe browsing, chrome disabled 81% of extensions to protect users.
An APT group attacked a local govt office using Fortinet vulnerabilities. The FBI didn’t name the office but has issued a warning as Fortinet’s vulnerabilities being exploited by cybercriminals. APT actors created an account by the name of ‘elie’ to increase activity on networks. In April FBI had warned that the ports 4443, 8443, and 10443 for Fortinet FortiOS CVE-2018-13379, and enumerated devices for FortiOS CVE-2020- 12812 and FortiOS CVE-2019-5591, had been compromised.
A Kaspersky DDoS Prevention report said that in the Q1 of 2021, the DDoS attack witnessed a drop of 29 % when compared to Q1 of 2020. However, a 47 % increase is seen in the Q4 of 2020. The growth is due to the abnormal spike in Jan which accounted for 43 % of the total number of attacks in the three months, the rest of the two months remained normal. The report painted the overall DDoS situation as stable.