Cybersecurity News

Two top electronics manufacturers fell victim to the tactics of the same ransomware group. The group has also leaked one of its victim’s code-signing certificates, which are being exploited in the wild to spread other malware. On similar lines, we have a healthcare organization and a school district as casualties of cybercrimes. Let’s continue reading for the top cybersecurity highlights from the weekend.

1. Samsung Electronics disclosed a cyberattack on its network after the Lapsus$ group allegedly dumped nearly 190GB worth of stolen data. However, no personal data was leaked during the incident, as per the tech giant.

2. Lapsus$, responsible for the recent attack on Nvidia, reportedly released two of the company's old code-signing certificates, and threat actors have started abusing it.

3. New York-based Adafruit suffered a customer data leak via a publicly-accessible GitHub repository. Apparently, a former employee used real customer data for training and data analysis operations on GitHub.

4. A cyberattack at the Oklahoma-based Duncan Regional Hospital Health Foundation blurted out the patients’ personal records and PHI, via the impacted server.

5. Ukrainian CERT issued a warning about hackers using compromised email accounts of three different Indian entities to steal sensitive information of Ukrainian citizens.

6. According to NCC Group, cybercriminals are distributing the SharkBot banking trojan via Google Play Store. The malware, which has infected over 55,000 Android users, is capable of initiating money transfers while also stealing credentials.

7. Fleetwood Area School District, Pennsylvania, was hit by a ransomware attack. Police officials declared no threat to students, staff, or their financial information