BlackCat teases data stolen from HTC

HTC Global Services has confirmed it suffered a cyber attack after the BlackCat ransomware group leaked photos of what it claimed to be data stolen from the IT services and business consulting company. In a short statement, HTC said it has encountered a “cyber security incident” which it is investigating. The data reportedly stolen by BlackCat includes passports, contact lists, emails and confidential documents.

Full details about the nature and extent of the incident are unknown but it has been suggested that HTC was breached as a result of the Citrix Bleed vulnerability. Read more here.

Russian FSB accused of spear-phishing campaign against UK and US

Russia-based threat actor Star Blizzard is successfully using spear-phishing attacks against targeted organizations and individuals in the UK and US, as well as other geographical areas of interest, for information-gathering activity. Star Blizzard (formerly known as SEABORGIUM) is “almost certainly” subordinate to the Russian Federal Security Service (FSB) Centre 18 and has targeted academia, governmental organizations, defense, NGOs, think tanks and politicians, the advisory stated. Read the full story here.

DDoS attack-for-hire services thriving on Dark Web and cyber criminal forums

Demand for and availability of distributed denial-of-service (DDoS) attack-for-hire services is increasing despite significant platform takedowns. Hacktivists, financially motivated, state-backed and “script kiddy” threat actors all display interest in purchasing DDoS attack-for-hire platforms with the criminal market showing little sign of slowing, according to new findings. What’s more, early indications suggest developers are looking to innovate further, with discussion of combining DDoS attacks with other types of activity such as ransomware using the “threat-as-a-service” business model. There is more on this research here.

Cyber security risks lurk in popular messaging apps

Popular messaging tools like WhatsApp, Telegram, Teams and Slack are fueling new mobile device and web application threats in organizations, new data has indicated. Almost half (42 percent) of organizations have reported new security incidents linked to employees with bring your own devices (BYOD) using messaging apps in business environments. Furthermore, 66 percent of threat indicators are found in transient messages associated with cloud-based collaboration tools. Read more here.