Samsung UK data breach and ransomware actor’s SEC complaint

November 20, 2023 by Dan Virgillito

Samsung discloses a data breach impacting UK customers, a ransomware actor files an SEC complaint over a victim's failure to disclose a breach, and the Ddostf malware botnet targets MySQL servers. Catch all this and more in this week's edition of Cybersecurity Weekly.

1. Samsung UK discloses year-long data breach that leaked customer data

Last week, Samsung Electronics informed customers of a data breach at its UK online store. The breach exposed personal details such as names and contact information. Financial data and passwords, however, were not affected. The company stated the breach was caused by a vulnerability in a third-party application. This incident is the third major data breach Samsung has faced in the past two years.

2. Ransomware gang reports victim to SEC over undisclosed data breach

The ransomware group ALPHV/BlackCat recently filed a complaint with the SEC against MeridianLink, accusing the digital lending solutions provider of failing to disclose a data breach under new SEC rules. MeridianLink acknowledged the incident but reported minimal impact and no unauthorized access. This unusual tactic could signal a new approach in ransomware strategies, in which threat actors file regulatory complaints against victims.

3. Researchers discover Ddostf malware botnet targeting MySQL servers

ASEC researchers have detected a rise in Ddostf botnet attacks targeting MySQL servers on Windows. Attackers exploit vulnerable MySQL servers using weak credentials or known flaws. Once in, they install Ddostf, which waits for commands to initiate DDoS attacks. The botnet's unique capability allows it to connect to new addresses and execute commands. Administrators are urged to secure their servers with strong passwords and timely patches to thwart such campaigns.

4. U.S. feds warn of Scattered Spider’s advanced phishing methods

U.S. agencies recently warned of a cybercrime group known as Scattered Spider. Skilled in social engineering, Scattered Spider employs tactics like SIM swapping and prompt bombing to infiltrate networks. Researchers also found the group using legitimate remote access tools and impersonation tactics for data theft. The U.S. government is advising companies to strengthen their defenses with phishing-resistant MFA, application controls and recovery plans.

5. Russian cyber espionage group uses LitterDrifter USB worm to infiltrate Ukrainian entities

A Russian cyber espionage group tied to the FSB has been using a USB worm called LitterDrifter to target Ukrainian entities. Check Point reveals that the group uses this worm for large-scale data collection driven by espionage goals. LitterDrifter, which evolved from a PowerShell-based worm, spreads via USB drives and connects to command-and-control (C2) servers. Unique in approach, it uses domains as placeholders for C2 servers and links to a Telegram channel for C2 communication. This worm's usage marks an escalation in Russian cyber espionage efforts with a focus on intelligence gathering.

Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.