Cybersecurity News Update: Week of September 19th, 2022

Hello and welcome back to our cybersecurity run down. Here's the latest recap of the biggest cybersecurity news in the last week.?

The LockBit ransomware operation, which is normally focused on attacking others, is getting a taste of its own medicine after experiencing a data breach. An allegedly disgruntled developer is responsible. According to?Bleeping Computer,?the LockBit ransomware operation released version 3.0 of their encryptor in June, codenamed LockBit Black.?The new version promised to 'Make Ransomware Great Again,' adding new anti-analysis features, a ransomware bug bounty program, and new extortion methods. But,?LockBit suffered a breach, with someone leaking the LockBit 3.0 builder on Twitter.

With cyber attacks bombarding business and consumers seemingly every minute, governments worldwide are losing patience. At the WSJ CIO Network Summit, Cybersecurity and Infrastructure Security Agency's Brandon Wales said that over time properly addressing cybersecurity - and investing in it - "should become standard for every publicly traded company." The UK's National Cyber Security Centre Chief Executive Lindy Cameron, who also attended the WSJ event, said it is "too often that an organization wasn't prepared" for a cyber incident and "are all too ready to pay to restore their data, which in turn feeds the issue."?

American Airlines has reported a breach of a “limited number” of employees’ email accounts. The disclosure, which was made on September 16th, said the breach was discovered in July. In the incident,?the hacker may have had access to certain medical information the employee provided, as well as date of birth, mailing address, phone number, email address, driver’s license number and passport numbers. The airline has also said that it is aware of a phishing campaign that impacted only a very small number of customers and employees.?

Since at least mid-2019, threat actors have been impersonating various US government departments in phishing attacks targeting the Microsoft 365 credentials of government contractors. The attackers have been sending phishing messages spoofing various departments, including the US Departments of Commerce, Labor, or Transportation to target organizations in various sectors, with a focus on energy and professional services, including construction. The threat actors have created emails which claim to request bids for government projects that appear legitimate.?

The security breach that impacted Uber last week was not only the work of Lapsus$, but of?an 18-year-old?who has also claimed responsibility for breaking into video game maker Rockstar Games. That hack took place?last weekend . Lapsus$ is known for carrying out attacks against large technology companies. It's been successful this year, with hacks at?Microsoft, Cisco, Samsung, Nvidia and Okta.??

That's a wrap! For more information visit our blog!