Microsoft claims it stopped Russian cyberattacks against NATO / U.K. water company claims water supply is safe / Mailchimp flaw exposes user accounts

Plus: Almost 7M internet users have tried to download infected browser extensions

Inside.com Part of   Network August 16, 2022

Presented by

Microsoft claims that it has disrupted a Russian hacker group known as Seaborgium. The company allegedly stopped the group from cyberattacking several NATO countries. More: Seaborgium is also tracked as Callisto Group, ColdRiver, and TA446. The hacker group has directed most of its attacks toward targets in the U.S. and U.K. but has been known to attack other European countries as well. According to Microsoft, Seaborgium has breached over 30 targets in recent years.  Victims are sent a link that redirects them to a domain controlled by the threat actor. Once they click the link and log in, the page creates a mirror used to complete the breach. The group's main goal is data theft and cyber espionage.

U.K. water company South Staffordshire PLC stated that its water is safe after hackers claimed they had contaminated water supplies after a breach. The company did, however, admit that it was hacked. More: South Staffordshire owns South Staffs Water and Cambridge Water. South Staffordshire Water is a utility company that manages drinking water for more than 1.6 million people in the U.K. A hacker group known as Sl0p stated that it has access to security keys that could contaminate the water source for the millions of citizens who depend on it. Researchers claim that if the breach did happen, it might be related to a recent VNC hack that exposed thousands of unprotected VNCs across Europe.

A message from QUANTUM Save Your Data Before It Needs Saving - Air-Gapped Protection: Reliable and Cost-Effective Paying a ransom may sound like the best case scenario: get your data back, make your customers feel worth it. But actually, it can affect your business in other ways and may, in some cases, be illegal. Make sure your systems are protected across the entire data lifecycle - and never pay a ransom again. You’re able to balance cost while maximizing efficiency. No one can stop ransomware or fully prevent it from taking place - but you can make sure you’re protecting your customers and your data by ensuring that there is a fully air-gapped solution. Request A Demo

Researchers are warning customers that a newly tracked MailChimp security flaw has exposed customer email addresses. Some of the users have received password reset requests without their authorization. More: The security flaw was tracked after a company was unable to access its MailChimp account two weeks ago. After contacting MailChimp, the company was informed that the account had been closed by them as a security measure. Soon after, the company received a password reset email that it didn't initiate. A total of 214 accounts were hacked, while the threat actor used phishing and social engineering as threat vectors. Hackers targeted the victims through an email domain that has been known to be used for illegal activity.

Nearly 7 million internet users have tried downloading malware-infected browser extensions since 2020. 70% of the hacking campaigns used adware as a threat vector. More: Over 4.3 million individuals were targeted with adware hacking campaigns in the period between Jan. 2020 and June 2022. The statistics are part of a research publication by the Russian anti-virus company Kaspersky.  Since the numbers only include internet users who use the anti-virus software, the realistic numbers of those targeted with adware are likely to be much higher. The most commonly used malware of this type is "WebSearch" and "AddScript." The malware is written in Javascript and targets those who want to download videos, while other popular malware targets users who want to convert PDF and Word files.

A message from SECURITY COMPASS We’ll show you a real-world example of how to release secure software faster! In this webinar, see a pragmatic example of how development and application security teams at one company use a developer-centric approach to scalably model software threats and deliver secure, compliant code quickly. Discover how a developer-centric approach to security removes security roadblocks and accelerates software releases Learn how developer-centric threat modeling diagrams can be used to automate and improve software threat modeling processes See how using trusted reusable components increases software developer productivity View examples of reports that can be used to provide visibility into the state of security and compliance across your application portfolio Join us on Wednesday, August 17, 2022 | 1:00 PM EST Save your seat

Multi-stage phishing attack cases have increased by 625% in Q2 2022. Multi-stage attacks are known for being more complex and involving phone numbers, emails, and direct communication with the target. More: The findings were published in a report released by security researchers. These attacks, also known as vishing, comprised 25% of the total number of response-based scams. Other types of attacks include 419 scams with 54%, business email compromising with 16%, and job scams with 5%. Gmail was the most hacked email service, with 72% of the cases being users of the email service. 73% of BEC attacks in Q2 were launched using free webmail.

Quick Hits: Quality products made specifically for a man’s nether region. Get 20% off + free shipping at manscaped.com. Your balls will thank you®.* At least two new vulnerabilities have been tracked in Intel chips. Researchers have found security flaws that can be used to breach geo-fencing technology RTLS. Programmable logic controllers have been found vulnerable to exploits. The flaw can be used to hack engineering workstations and enterprise networks. Same old marketing automation not cutting it these days? Get our eBook and power up your customer experiences.* *This is sponsored content.

Upcoming events at Inside: August 17 - AMA with Atin Batra (27V) (Register Here) August 24 - AMA with Matt Mahar (Cana) (Register Here) August 31 - AMA with Sophia Amoruso (Business Class) (Register Here) September 07 - AMA with Andrew Gazdecki (MicroAcquire) (Register Here) September 09 - AMA with Jay Ryan (Security Compass) (Register Here) September 14 - AMA with Brian Dean (Backlinko) (Register Here) September 21 - AMA with Kristen Ruby (Ruby Media Group) (Register Here) September 28 - AMA with Leigh-Ann Buchanan (aīre ventures) (Register Here) October 12 - AMA with Bill Glenn (Crenshaw Associates) (Register Here) October 25 - Meet Our Fund 4, an Inside.com Summit (Register Here)

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. Editor Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.

With Quantum, we shift the focus from accumulating data to making it work for you.

Security Compass is on a mission to accelerate software time-to-market while managing risk.

767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2022 Inside.com

Did someone forward this email to you? Head over to inside.com to get your very own free subscription! You received this email because you subscribed to Inside Security. Click here to unsubscribe from Inside Security list or manage your subscriptions.