Cyber Security News Roundup – 6th February 2023
By Emily Davidson
06 February 2023
It's the beginning of a new week, and that means a round up of what's been going on in the world of cyber security and data protection over the last 7 days! To learn more about each story, click the headings.
JD Sports Says Hackers Stole Data of 10 Million Customers 30/01
UK-based sports and fashion retailer JD Sports has warned that online order information for over 10 million customers has been leaked following a recent data breach. The leaked information, covering orders placed between November 2018 and October 2020, included sensitive data such as names, email addresses, phone numbers, and the final four digits of card numbers. JD Sports stated that they detected the unauthorised access instantly and quickly responded to prevent any further access, but customers are being warned to stay vigilant for attempted phishing and social engineering. (Bleeping Computer)
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years 31/01
Researchers have uncovered a shellcode-based packer named Trickgate that has been used successfully for the last 6 years without attracting notice. Trickgate has been used to deploy a variety of malware, including Trickbot, Emotet and REvil, evading detection due to its transformative nature, with periodic changes making it a ‘master of disguise’. Trickgate’s infection chain begins with phishing emails containing malicious files or links that download the shellcode loader, which then launches the payload into system memory. (The Hacker News)
Arnold Clark Customer Data 'Stolen in Cyber Attack' 02/02
Scotland-based car retailer Arnold Clark has admitted that its customers’ personal data may have been stolen in a recent cyber attack. After detecting suspicious activity, the company shut down its entire network in the early hours of Christmas Eve, but not before attackers were able to extract sensitive personal data. Arnold Clark retains the passports and driving licenses of its customers, as well as sensitive information and national insurance numbers, which could put anyone affected at risk of identity fraud. (BBC News)
LockBit Ransomware Gang Releases LockBit Green Version 02/02
The LockBit criminal group has released a new version of their infamous LockBit ransomware, LockBit Green, designed to target cloud-based services. Intelligence researchers from SentinelOne noted that the latest LockBit version contains significant overlaps with the source code of the Conti Ransomware, which was leaked in March 2022. LockBit now seems to be focused on targeting cloud environments, as victims tend to store valuable information on these infrastructures, and it is extremely likely that the criminal gang will continue to improve their ransomware. (Cyber News)
Massive ESXiArgs Ransomware Attack Targets VMware ESXi Servers Worldwide 03/02
Businesses running VMware ESXi servers are being targeted globally by a new ESXiArgs ransomware due to an unpatched, two-year-old remote code execution flaw. Unauthenticated threat actors are able to exploit vulnerability CVE-2021-21974 in low-complexity attacks, and according to Censys Research approximately 3,200 ESXi servers have been compromised worldwide. (Bleeping Computer)
Attempted cyber attacks occur every second and, as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so contact Celerity to find out how we could protect your business!