U.K. Criminal Records Office struggling from cyber incident / Hackers increasingly using Telegram / Sentiment recovers $870,000

Plus: Medusa ransomware hacks the Open University of Cyprus

Inside.com Part of   Network April 06, 2023

Presented by

The U.K. Criminal Records Office is struggling to recover from a cyber incident that happened two months ago. Researchers claim that personal information could potentially have been leaked. More: ACRO is the U.K.'s national law enforcement organization responsible for managing and sharing criminal record information with other countries. British authorities have stated that hackers could have stolen identification information and criminal conviction data for specific British individuals. The organization has been attempting to recover from the incident since Jan. 17 but has failed to do so. The Criminal Records Office stated that so far, it has no direct evidence that personal data has been affected, while researchers believe threat actors may have taken advantage of the incident.

Hackers are increasingly using Telegram to hack victims, according to a new report. The messaging app is being used for phishing campaigns. More: According to the report, hackers are increasingly using Telegram channels to sell subscriptions for phishing kits. The hackers also provide updates and anti-detection systems. The phishing kits presented as part of these campaigns are relatively simple, as they use a script that receives user credentials and forwards them to the bot. Access to these Telegram groups is sold for anywhere from $10 to $300.

A message from ZSCALER See how zero trust can reduce the financial risk of ransomware attacks. Protecting your important files and data in today's evolving ransomware landscape requires a different approach to cybersecurity. Ransomware attacks increased by 80% over the past year, with high-impact, headline-making incidents continuously growing in volume and scope. Cybercriminals are getting bolder, their attacks are becoming more sophisticated, and ransom payments keep getting bigger—and no industry is off-limits. Yesterday's anti-malware and anti-ransomware tools just aren't the best defense anymore.  Explore the ROI Ransomware Risk Calculator to see the financial risk of ransomware for your industry and how to reduce it with a cloud-native zero-trust platform. Calculate now

Sentiment has recovered $870,000 after negotiating with the hacker who stole over $1M worth of crypto from the company. The hacker was offered $95,000 to return 90% of the stolen funds. More: Sentiment sent a message to the hacker offering $95,000 if the hacker returned the funds by April 6, urging the hacker to return them. Initial estimates of the lost funds were around $500,000, but after a while, community members stated that the losses stood at around $1M. Some reports have claimed that the attack may have been a re-entry attack, while others said that the threat actor relied on a bug.  The company threatened to offer a public bounty of $95,000 for anyone with information on the case if the threat actor didn't return the funds. The breach occurred on April 4.

The Medusa ransomware group has cyber-attacked the Open University of Cyprus. The group claims it would delay publishing the data by one day for $10,000. More: OUC is a remote online university based in Nicosia, Cyprus. The university has over 4,200 students. Today, the Medusa ransomware group made a new claim, giving the university 14 days to respond to its ransom demands. The group has asked for $100,000 to either delete the data or sell it to a bidder. Unlike other ransomware actors, Medusa also cyberattacks education institutions. The breach has forced the university to provide deadline extensions on assignments for students, most of which will be decided by the professors. Zoom Out: At the beginning of March, the hacker group targeted the Minneapolis Public Schools district, demanding a ransom of $1M.

Google is set to begin implementing a new data deletion policy for Android apps. The policy will go into effect in early 2024. More: Google claims that this feature is important so that users can request account and data deletion without having to reinstall an app. The company's goal is to have an option that makes it easy to initiate an app account deletion process from both within the app and outside of it. Google added that temporary account deactivation, disabling, or freezing of the app account does not qualify as account deletion. The new policy is expected to go into effect early next year. Developers have until Dec. 7, 2023, to submit answers to the data deletion questions in the app's data safety form.

Quick Hits: Unleash Google Cloud's full potential! Learn with hands-on tutorials in the GCP Cookbook. Download your copy now.* Authlete, a Japan-based company that provides digital identity and API security services, has raised $4M from SBI Digital Asset Holdings. Microsoft announced that Rockstar Games fixed a bug that caused Red Dead Redemption 2 to crash on Windows 11 devices. Researchers have tracked a BlackCat ransomware affiliate exploiting three known security bugs. IRS-authorized tax platform eFile.com is spreading JavaScript malware, according to reports. Brilliant is the best way to improve cutting-edge technology like AI, neural networks, etc. Try it free for 30 days.* *This is sponsored content.

Upcoming events at Inside: April 06 - Inside Marketing Coffee Break w/ Jeremy Sporn (Royce Brook Media) (Register Here) April 07 - US Visa and Green Card Options for Immigrant Founders and Employees (Watch Here) April 13 - Inside Interview with Lacework - The Evolution of Cloud Security w/ Ulfar Erlingsson (Watch On Demand) April 14 - Inside Interview with Landing - The Ultimate Corporate Housing Resource with Torger Philosophos (Register Here) April 18 - Human Resources Summit'23 (Register Here) April 18 - Inside Interview with TravelBank: Why Employee Happiness Is Falling More Into The Financial Sector (Watch On Demand)

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. Editor Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.

Learn how the encrypted threat landscape has evolved in The State of Encrypted Attacks Report.

767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2023 Inside.com

Did someone forward this email to you? Head over to inside.com to get your very own free subscription! You received this email because you subscribed to Inside Security. Click here to unsubscribe from Inside Security list or manage your subscriptions.