The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.
TOP NEWS STORIES THIS WEEK
- Vulnerable APIs. Data scraping in the spotlight as Meta fined for GDPR breach and Twitter leak resurfaces.
- LastPass breached again. Password manager suffers another security breach.
- Black Basta and Vice Society attacks. IKEA and Maple Leaf Foods hit by ransomware.
- Ransomware townhall. Parliament launches inquiry into UK’s national ransomware strategy.
- Call the police? Ragnar Locker ransomware gang hit local Belgian police force.
- Get patching. CISA warns of a critical Oracle Fusion Middleware bug used in attacks.
1. META FINED AFTER USER DATA LEAKED
Ireland’s Data Protection Commission (DPC) has fined Meta EUR 265 million following an April 2021 data breach. Personal information of more than 500 million Facebook users was harvested and leaked online. Malicious actors took advantage of a vulnerability in Facebook’s application programming interface (API) to scrape users’ public profiles for phone numbers, dates of birth, locations, and email addresses.
Separately, malicious actors abused a Twitter API vulnerability to steal the personal information of over 5.4 million users. The information was initially marketed on a hacking forum for USD 30,000 in July, and was made available for free last week.
SO WHAT? Organisations that hold sensitive personal data online in a web-facing format should take steps to protect their APIs from automated web scraping tools.
2. LASTPASS HACKED AGAIN
For the second time in 2022, password manager LastPass has suffered a data breach that has resulted in customer data being compromised. Threat actors gained access using stolen information from a previous security breach in August 2022. Customer passwords have reportedly not been accessed during this incident.
SO WHAT? Organisations should conduct thorough post-incident reviews and examine lessons learned to reduce the risk of similar incidents reoccurring in the future.
3. LARGE ORGANISATIONS HIT BY RANSOMWARE
- Vice Society has hit IKEA Morocco and IKEA Kuwait. The attacks have led to personally identifiable information being posted on their leak site. Separately, the group has also targeted Cincinnati State College.
- Black Basta ransomware group has claimed responsibility for the cyber attack on Canadian meat supplier Maple Leaf Foods, publishing screenshots of their financial information and corporate files. Maple Leaf has reportedly refused to pay a ransom.
SO WHAT? Ransomware incidents cause significant reputational and financial damage. S-RM offers ransomware readiness assessments that will help your organisation understand if existing policies, people, processes, and technology are sufficient in protecting against this constant threat.
4. UK PARLIAMENTARY INQUIRY INTO RANSOMWARE STRATEGY
An inquiry into the UK’s national security strategy against ransomware held its first session on Monday. The introductory session aimed to establish the scale and nature of the threat. The committee heard evidence that ransomware has increased by 300 percent year on year since 2020. It was also established that the UK government has not delivered tangible actions to address the threat.
SO WHAT? Considering the prevalence of ransomware attacks, it is important to stay informed of the ever-changing threat landscape, and the new tactics, techniques, and procedures that threat groups are employing.
5. RAGNAR LOCKER LAUNCHES ATTACK ON BELGIAN POLICE
The Ragnar Locker ransomware gang infiltrated a local Belgian police unit’s network and leaked years’ worth of confidential information that could compromise police investigations. The Belgian Chief Commissioner of Police blamed the breach on ‘human error’ and stated that the sensitive data should not have been on the compromised administrative network.
SO WHAT? Network segmentation can reduce the impact of an attack by preventing threat actors from moving laterally once they have gained access. Organisations should consider their network architecture as part of an assessment of their overall level of ransomware resilience.
6. HIGH-PRIORITY PATCH
US federal agencies have been ordered to patch an actively exploited critical vulnerability (CVE-2021-35587), affecting Oracle Fusion Middleware software. Threat actors with unauthenticated access could abuse this security flaw to compromise Oracle Access Manager (OAM) instances and take over any user or administrator accounts on a vulnerable system.
SO WHAT? Organisations should implement the vendor patches for vulnerable versions of Oracle Fusion Middleware as soon as possible.