๐Ÿ MEDUSA sets her eyes on 2 new victims and sets ransom deadline ๐Ÿ’ฐ

Oct 04 2023

Welcome to Gone Phishing, your daily cybersecurity newsletter that's blowing up like the iPhone 15

Today's hottest cybersecurity news stories:

  • MEDUSA sets her eyes on 2 new victims and sets ransom deadline

  • Something changed in the Matrix. BlackCat hacks Motel One

  • API Security Trends 2023: The writing is on the wall, cyber squad

It's not set in stone

MEDUSA Cyber Attacks Strike Again!

The infamous MEDUSA ransomware group is back in action, targeting two high-profile companies and demanding hefty ransoms for their encrypted data's release.

New Victims

The latest victims on the MEDUSA group's dark web portal are Karam Chand Thapar & Bros. (Coal Sales) Ltd in India and Windak Group. This highlights the escalating threat from MEDUSA.

๐ŸŒ Global Impact

Windak Group, a Swedish cable packaging equipment manufacturer, faces a $100,000 ransom with a deadline of 9 days and change. Meanwhile, Karam Chand Thapar & Bros. in India is asked to pay $200,000 in less than 10 days.

๐Ÿ” Verification Pending

Cybersecurity watchdog, The Cyber Express, is working to verify these claims, but no official responses from the targeted companies have emerged yet. ๐Ÿ•ต๏ธโ€โ™‚๏ธ

๐ŸŒ Business as Usual

Despite the attacks, the victim websites seem operational, adding uncertainty to the situation.

Pattern Continues

MEDUSA employs a similar modus operandi by announcing their victims on their dark web platform, following a recurring pattern in their cyber attack claims.

About MEDUSA

The group is known for its MedusaLocker ransomware, which targets Windows machines through spam campaigns. They focus on healthcare, education, and data-rich enterprises and employ a double extortion tactic.

Their Tactics

MEDUSA exploits vulnerable Remote Desktop Protocol (RDP) services, uses deceptive phishing campaigns, and erases shadow copy backups to hinder data restoration.
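Shadow copy deletion is one of the few steps in that list that leaves a clear process-creation trail, so it is a useful detection point. The following is an added example, not part of the newsletter or any vendor tooling: it flags standard Windows recovery-tampering command lines in process logs. The rule names, event fields and sample events are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Patterns for built-in Windows utilities being used to delete or disable
# recovery data. The rule set is this example's own assumption.
RULES = {
    "vssadmin_delete": re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I),
    "vssadmin_resize": re.compile(r"\bvssadmin(\.exe)?\b.*\bresize\s+shadowstorage\b", re.I),
    "wmic_shadowcopy": re.compile(r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I),
    "wbadmin_delete": re.compile(
        r"\bwbadmin(\.exe)?\b.*\bdelete\s+(catalog|systemstatebackup|backup)\b", re.I),
    "bcdedit_recovery_off": re.compile(r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I),
}

def match_rules(cmdline):
    """Return the sorted names of all rules a command line matches."""
    # Drop quoting and collapse whitespace so spacing does not defeat a rule.
    norm = " ".join(cmdline.replace('"', " ").split())
    return sorted(name for name, rx in RULES.items() if rx.search(norm))

def triage(events):
    """Group hits per host; two or more distinct techniques raise severity."""
    per_host = defaultdict(set)
    for ev in events:
        per_host[ev["host"]].update(match_rules(ev["cmdline"]))
    return {
        host: {"rules": sorted(hits),
               "severity": "high" if len(hits) >= 2 else "medium"}
        for host, hits in per_host.items() if hits
    }

# Constructed process-creation events (hypothetical hosts, not real telemetry).
SAMPLE_EVENTS = [
    {"host": "ws-01", "cmdline": r"C:\Windows\System32\vssadmin.exe delete shadows /all /quiet"},
    {"host": "ws-01", "cmdline": "bcdedit /set {default} recoveryenabled No"},
    {"host": "ws-02", "cmdline": "vssadmin list shadows"},            # read-only, benign
    {"host": "srv-03", "cmdline": "wmic.exe  shadowcopy   delete"},
    {"host": "srv-03", "cmdline": '"wbadmin" DELETE CATALOG -quiet'},
    {"host": "ws-04", "cmdline": "wbadmin delete backup -keepVersions:3"},  # routine pruning
]

if __name__ == "__main__":
    for host, alert in sorted(triage(SAMPLE_EVENTS).items()):
        print(host, alert["severity"], ", ".join(alert["rules"]))
```

A single hit such as the backup pruning on `ws-04` still needs review in context, which is why it is rated lower than a host where several recovery-tampering commands appear together.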

Stay vigilant against cyber threats!

ALPHV/Black killed the ransomware star

ALPHV/BlackCat Ransomware Strikes Motel One!

The notorious ALPHV/BlackCat ransomware gang has targeted Motel One, a well-known German hotel chain specialising in budget-friendly accommodations for both business and leisure travellers.

Data Heist

The ransomware gang claims to have stolen a whopping 24,449,137 files, which is approximately 6 TB of data. This includes booking confirmations spanning three years. The exposed records contain sensitive information like customers' names, addresses, reservation dates, payment methods, and contact details.

Credit Card Data

Additionally, the stolen files also contain customers' credit card information and internal company documents, raising concerns about potential data breaches. The group warns of negative media attention and legal consequences if Motel One doesn't respond.

โณ Countdown

The hackers have set a deadline of five days for Motel One to meet their ransom demands, or they threaten to release the compromised data to the public.

๐ŸŒ ALPHV's Trail

The ALPHV ransomware gang has been highly active since November 2021, targeting various organisations worldwide, including Clarion, Solar Industries India, NJVC, Creos Luxembourg S.A., Moncler, Swissport, NCR, and Western Digital. Their ransom demands vary from tens of thousands to tens of millions of dollars.

Stay tuned for updates on this cyber threat!

๐Ÿ—ž๏ธ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ’Šย HealthHack:ย Tech is making it easier than ever to reach your fitness goals, from wearable devices to nutrition apps, this newsletter does the research for you, get all the latest health tech gadgets delivered to your inbox.ย 

  • โ‚ฟ Crypto Nutshell: A well written and beautifully designed newsletter giving you the lowdown on crypto and web3, highly recommend if interested to get up to date info on the crypto/web3 market.

  • ๐Ÿง ย Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.

Let us know what you think!

API think you should check yourself before you wreck yourself

API Security: Safeguarding Your Digital Backbone

In the world of modern software, APIs (application programming interfaces) are the unsung heroes, facilitating seamless data exchange between systems and platforms. Developers harness their power to integrate diverse functionalities into their apps.

However, this increased reliance on APIs has a downside – they've become prime targets for cybercriminals. API breaches are on the rise due to inadequate security measures. Many APIs lack proper protection, making them vulnerable to attacks.

Hackers are getting crafty, using techniques like code injections and manipulating responses to exploit API weaknesses. The consequences of an API breach are dire for businesses and consumers, leading to financial losses and data exposure risks.

The Stats

A whopping 78% of cybersecurity professionals have faced API security incidents in the past year!

Challenges in API Security

Relying solely on API gateways and web application firewalls (WAFs) may leave gaps in security:

  • Granular Access Control: Basic authentication may not cut it for complex scenarios.

  • Business Logic Attacks: Protecting against unique business workflow risks requires tailored security measures.

  • Threat Intelligence: Predefined rule sets might miss emerging threats.

  • Data Encryption: SSL/TLS secures data in transit but does not cover data at rest or provide end-to-end encryption.

  • Vulnerability Exploitation: Attackers can hit APIs before reaching gateways or WAFs.

  • Visibility Gaps: Detecting API-specific threats needs specialised tools.

How Organisations Are Responding

78% have experienced API-related security incidents, leading 81% to prioritise API security more than ever. But many lack visibility into sensitive data returned by APIs.

Stay informed and secure those APIs!

So long and thanks for reading all the phish!
