Oct 04 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that’s blowing up like the iPhone 15 💥
Today’s hottest cybersecurity news stories:
🐍 MEDUSA sets her eyes on 2 new victims and sets ransom deadline 💰
👨‍💻 Something changed in the Matrix. BlackCat hacks Motel One 🏨
🔒 API Security Trends 2023: The writing is on the wall, cyber squad ✍️
The infamous MEDUSA ransomware group is back in action, targeting two high-profile companies and demanding hefty ransoms for their encrypted data's release. 😱
🎯 New Victims
The latest victims on the MEDUSA group's dark web portal are Karam Chand Thapar & Bros. (Coal Sales) Ltd in India and Windak Group. This highlights the escalating threat from MEDUSA.
🌐 Global Impact
Windak Group, a Swedish cable packaging equipment manufacturer, faces a $100,000 ransom with a deadline of 9 days and change. Meanwhile, Karam Chand Thapar & Bros. in India is asked to pay $200,000 in less than 10 days.
🔍 Verification Pending
Cybersecurity watchdog The Cyber Express is working to verify these claims, but no official responses from the targeted companies have emerged yet. 🕵️‍♂️
🌐 Business as Usual
Despite the attacks, the victim websites seem operational, adding uncertainty to the situation.
🔄 Pattern Continues
MEDUSA employs a similar modus operandi by announcing their victims on their dark web platform, following a recurring pattern in their cyber attack claims.
💼 About MEDUSA
The group is known for its MedusaLocker ransomware, which targets Windows machines through spam campaigns. They focus on healthcare, education, and data-rich enterprises and employ a double extortion tactic.
🤯 Their Tactics
MEDUSA exploits vulnerable Remote Desktop Protocol (RDP) services, uses deceptive phishing campaigns, and erases shadow copy backups to hinder data restoration.
Stay vigilant against cyber threats! 🔐💻
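For defenders, the shadow copy tactic above is one of the easier ones to alert on, because it shows up in process command lines. The following is an added example, not part of the original newsletter: it matches process-creation events against well-known Windows backup-tampering commands. The rule set, event shape and sample events are assumptions made for illustration; the newsletter does not name specific commands.

```python
import re
from collections import defaultdict

# Well-known Windows backup-tampering commands (chosen for this example;
# the newsletter does not name any specific command).
RULES = {
    "vssadmin_delete_shadows": r"\bvssadmin(\.exe)?\s.*\bdelete\s+shadows\b",
    "vssadmin_resize_shadowstorage": r"\bvssadmin(\.exe)?\s.*\bresize\s+shadowstorage\b",
    "wmic_shadowcopy_delete": r"\bwmic(\.exe)?\s.*\bshadowcopy\b.*\bdelete\b",
    "wbadmin_delete_backup": r"\bwbadmin(\.exe)?\s.*\bdelete\s+(catalog|backup|systemstatebackup)\b",
    "bcdedit_recovery_disabled": r"\bbcdedit(\.exe)?\s.*\brecoveryenabled\s+no\b",
    "powershell_shadowcopy_delete": r"win32_shadowcopy\b.*(\bdelete\b|remove-wmiobject|remove-ciminstance)",
}
COMPILED = {name: re.compile(rx, re.I) for name, rx in RULES.items()}

def normalize(cmd):
    """Drop cmd.exe carets and quotes and collapse whitespace, so trivially
    obfuscated command lines still match."""
    return re.sub(r"\s+", " ", cmd.replace("^", "").replace('"', "")).strip()

def find_backup_tampering(events):
    """Return {host: sorted rule names hit} for process-creation events."""
    hits = defaultdict(set)
    for ev in events:
        cmd = normalize(ev["command_line"])
        for name, rx in COMPILED.items():
            if rx.search(cmd):
                hits[ev["host"]].add(name)
    return {host: sorted(rules) for host, rules in hits.items()}

def severity(rules):
    """Several distinct tampering techniques on one host is a stronger signal."""
    return "high" if len(rules) >= 2 else "medium"

# Constructed sample events (hypothetical hosts, not real telemetry).
SAMPLE_EVENTS = [
    {"host": "FS01", "command_line": r"C:\Windows\System32\vssadmin.exe Delete Shadows /All /Quiet"},
    {"host": "FS01", "command_line": "bcdedit /set {default} recoveryenabled No"},
    {"host": "WS17", "command_line": 'cmd /c vss^admin "delete" shadows /all'},
    {"host": "WS22", "command_line": "vssadmin list shadows"},  # benign inventory
    {"host": "DB03", "command_line": "powershell Get-WmiObject Win32_ShadowCopy | ForEach-Object { $_.Delete() }"},
]

if __name__ == "__main__":
    for host, rules in sorted(find_backup_tampering(SAMPLE_EVENTS).items()):
        print(host, severity(rules), rules)
```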
The notorious ALPHV/BlackCat ransomware gang has targeted Motel One, a well-known German hotel chain specialising in budget-friendly accommodations for both business and leisure travellers. 🏨
📂 Data Heist
The ransomware gang claims to have stolen a whopping 24,449,137 files, which is approximately 6 TB of data. This includes booking confirmations spanning three years. The exposed records contain sensitive information like customers' names, addresses, reservation dates, payment methods, and contact details. 😨
💳 Credit Card Data
Additionally, the stolen files also contain customers' credit card information and internal company documents, raising concerns about potential data breaches. The group warns of negative media attention and legal consequences if Motel One doesn't respond.
The hackers have set a deadline of five days for Motel One to meet their ransom demands, or they threaten to release the compromised data to the public.
🌐 ALPHV's Trail
The ALPHV ransomware gang has been highly active since November 2021, targeting various organisations worldwide, including Clarion, Solar Industries India, NJVC, Creos Luxembourg S.A., Moncler, Swissport, NCR, and Western Digital. Their ransom demands vary from tens of thousands to tens of millions of dollars.
Stay tuned for updates on this cyber threat! 🔒💻
In the world of modern software, APIs (application programming interfaces) are the unsung heroes, facilitating seamless data exchange between systems and platforms. Developers harness their power to integrate diverse functionalities into their apps. 🌐💻
However, this increased reliance on APIs has a downside – they've become prime targets for cybercriminals. API breaches are on the rise due to inadequate security measures. Many APIs lack proper protection, making them vulnerable to attacks. 😰🕵️‍♂️
Hackers are getting crafty, using techniques like code injections and manipulating responses to exploit API weaknesses. The consequences of an API breach are dire for businesses and consumers, leading to financial losses and data exposure risks.
📊 The Stats
A whopping 78% of cybersecurity professionals have faced API security incidents in the past year! 😮
💡 Challenges in API Security
Relying solely on API gateways and web application firewalls (WAFs) may leave gaps in security:
🔒 Granular Access Control: Basic authentication may not cut it for complex scenarios.
📈 Business Logic Attacks: Protecting against unique business workflow risks requires tailored security measures.
🔍 Threat Intelligence: Predefined rule sets might miss emerging threats.
🔐 Data Encryption: SSL/TLS secures data in transit, but it does not provide encryption at rest or end-to-end encryption.
🎯 Vulnerability Exploitation: Attackers can hit APIs before reaching gateways or WAFs.
👀 Visibility Gaps: Detecting API-specific threats needs specialised tools.
📋 How Organisations Are Responding
78% have experienced API-related security incidents, leading 81% to prioritise API security more than ever. But many lack visibility into sensitive data returned by APIs.
Stay informed and secure those APIs! 🔐💡
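To make the visibility gap concrete, here is an added example (not part of the original newsletter) that walks a parsed JSON response and reports which paths carry email addresses, Luhn-valid card numbers or sensitively named fields. The key list, the hypothetical booking API and the sample response are assumptions constructed for illustration.

```python
import re

# Key names treated as sensitive; an assumed starter list for this example.
SENSITIVE_KEYS = {"password", "cvv", "card_number", "ssn", "api_key", "token"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
PAN_RE = re.compile(r"^\d{13,19}$")  # payment card numbers are 13-19 digits

def luhn_ok(digits):
    """Luhn checksum: filters out random digit runs such as order IDs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(key, value):
    """Return the finding types for one key/value pair."""
    found = []
    if key.lower() in SENSITIVE_KEYS:
        found.append("sensitive_key")
    if isinstance(value, str):
        compact = re.sub(r"[ -]", "", value)
        if PAN_RE.match(compact) and luhn_ok(compact):
            found.append("card_number")
        elif EMAIL_RE.match(value):
            found.append("email")
    return found

def scan(node, path="$", key=""):
    """Walk a parsed JSON body and return sorted (json_path, finding) pairs."""
    out = []
    if isinstance(node, dict):
        for k, v in node.items():
            out += scan(v, f"{path}.{k}", k)
    elif isinstance(node, list):
        for i, v in enumerate(node):
            out += scan(v, f"{path}[{i}]", key)
    else:
        out += [(path, f) for f in classify(key, node)]
    return sorted(out)

# Constructed response from a hypothetical booking API.
SAMPLE_RESPONSE = {
    "booking_ref": "1234567890123456",  # 16 digits but fails Luhn: not a card
    "guest": {"name": "A. Example", "contact": ["a.example@example.com"]},
    "payment": {"method": "card", "details": "4111 1111 1111 1111", "cvv": "123"},
}
```

Running `scan` over sampled responses per endpoint gives a quick inventory of where sensitive data leaves the API, including fields such as `details` whose names give no hint of their contents.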
So long and thanks for reading all the phish!