Tag Archive for: Reports

ZEC reports Pachedu over bullying, hacking


The Herald

Herald Reporter

IN a litmus test against cyber terrorists, the Zimbabwe Electoral Commission (ZEC) yesterday reported an anti-Zimbabwe shadowy group Pachedu to the police on a litany of allegations ranging from hacktivism to cyberterrorism.

This comes as the group, which has alleged links to some United States citizens, has openly boasted of its ability to hack and manipulate the websites of not only ZEC, but also other Government departments.

In the past few weeks, Pachedu has been burning the candle to discredit ZEC ahead of next year’s harmonised elections, in an attempt to influence the manner and handling of the much awaited polls.

The clandestine actions from Pachedu, which is linked to the CCC, include hacking of the electoral management authority’s ICT infrastructure.

This prompted ZEC yesterday to report the group to the police in a case that has been opened at Harare Central Police Station under IR111760.

ZEC spokesperson Commissioner Jasper Mangwana confirmed reporting the matter to the police.

“We have made a police report on hacktivism, impersonification, unauthorised data mining and cyberterrorism/bullying at Harare Central Police Station,” he said.

In the past, Pachedu has been red-flagged by ZEC for its covert cyberwar, especially as the group has a habit of publishing voters’ information, which is a breach of the country’s laws.

Any abuse of the security of the voters consequently attracts legal action, with ZEC charged with safeguarding the voters’ private information.

According to the Data Protection Act, any person who, “knowing or suspecting that he or she must obtain prior authority to access data, computer programme, computer data storage medium, or the whole or any part of a computer system in question; and intentionally, unlawfully and without such authority, secures access to such data, programme, medium or system; shall be guilty of hacking and liable in any of the aggravating circumstances . . . to a fine not exceeding level 14 or to imprisonment for a period not exceeding ten years or both such fine and such imprisonment.”

Using similar tactics, Pachedu in 2018 released a doctored voters roll as they tried to poke holes in…


HomeTrust Mortgage Reports Data Breach in the Wake of Ransomware Attack | Console and Associates, P.C.


On November 23, 2022, HomeTrust Mortgage reported a data breach with the Attorney General of Montana after hackers carried out a successful ransomware attack against the company, compromising consumer data stored on the company’s computer system. According to HomeTrust Mortgage, the breach resulted in the names, addresses and Social Security numbers of certain customers being compromised. Recently, HomeTrust Mortgage sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

If you were shocked to receive a data breach letter from a mortgage bank, you are not alone. Consumers implicitly trust companies—especially those in the financial services industry—to keep their information secure. Not surprisingly, these businesses are frequently targeted in cyberattacks because they typically store information that is valuable to hackers. However, as we’ve discussed in other posts, U.S. data breach laws allow for victims of a data breach to pursue a claim for compensation against any company that negligently leaked their data. While it’s too early to tell if HomeTrust Mortgage was negligent, that possibility cannot be ruled out.

What We Know About the Home Mortgage of America Data Breach

The available information regarding the Home Mortgage of America breach comes from the company’s filing with the Attorney General of Montana. According to this source, on July 15, 2022, HomeTrust Mortgage was made aware of suspicious activity within its computer system. In response, the company began working with third-party data security experts to better understand the incident and whether any consumer information was compromised as a result.

The HomeTrust Mortgage investigation confirmed that the company was victimized in a ransomware attack and that an unauthorized party had gained access to the HomeTrust Mortgage network. The investigation also revealed that the unauthorized party removed some of the files from the company’s network and that these files contained sensitive consumer information.

Upon discovering that sensitive consumer data was made available to an unauthorized…


Mirai Botnet Targeted Wynncraft Minecraft Server, Cloudflare Reports


Performance and security company Cloudflare reported that it stopped a 2.5Tbps distributed denial-of-service (DDoS) attack in Q3 2022 launched by a Mirai botnet against Minecraft server Wynncraft.

The data comes from the company’s latest DDoS Threat Report, which includes insights and trends about the DDoS threat landscape in the third quarter of 2022.

“Multi-terabit strong DDoS attacks have become increasingly frequent. In Q3, Cloudflare automatically detected and mitigated multiple attacks that exceeded 1Tbps,” the company wrote in a blog post on Wednesday.

“The largest attack was a 2.5Tbps DDoS attack launched by a Mirai botnet variant, aimed at the Minecraft server, Wynncraft. This is the largest attack we’ve ever seen from the bitrate perspective.”

According to Cloudflare, the multi-vector attack consisted of UDP and TCP floods. Still, the Wynncraft server infrastructure held and “didn’t even notice the attack” since the security firm filtered it out for them.

“Even with the largest attacks […], the peak of the attacks were short-lived. The entire 2.5Tbps attack lasted about 2 minutes […]. This emphasizes the need for automated, always-on solutions. Security teams can’t respond quickly enough.”

More generally, however, Cloudflare said it noticed a 405% increase in Mirai DDoS attacks compared with the second quarter of 2022, alongside a general increase by other threat actors.

“Attacks may be initiated by humans, but they are executed by bots — and to play to win, you must fight bots with bots,” Cloudflare wrote.

“Detection and mitigation must be automated as much as possible because relying solely on humans puts defenders at a disadvantage.”

Among the most impactful DDoS attacks of the last few months worth mentioning are the August ones against Taiwanese Government sites, the ones targeting UK financial institutions in September and the KillNet ones disrupting the websites of several US airports earlier this month.


Forescout Reports on The Riskiest Connected Devices in Enterprise Networks at GITEX 2022


  • Manufacturing sector has the highest number of affected devices

Dubai, United Arab Emirates: Forescout Technologies, the global leader in automated cybersecurity, released its findings about the riskiest devices in enterprise networks in 2022 at GITEX.

In this region, network-attached storage is the riskiest. These devices often have both easy-to-exploit vulnerabilities and internet connectivity, so they are constantly targeted by threat actors for ransomware, botnets, crypto mining, or simply data destruction.

“At Forescout, we are keen to raise awareness and let government entities and businesses know exactly where the vulnerabilities lie with their network. Our research team has done a fantastic job identifying which industry verticals are being targeted relentlessly and which connected devices are most at risk, globally and here across the region,” commented Ihab Moawad, Vice President, Forescout, Middle East, Turkey, and Africa.

Manufacturing has the highest percentage of devices with high risk (11%), while government and financial have the top combinations of medium and high risk (43% for government and 37% for financial). Healthcare and retail have the lowest risk overall, with 20% of devices having medium or high risk in healthcare and 18% in retail.

The ranking of riskiest devices does not change considerably per industry, which shows that almost every organization nowadays relies on a combination of IT, IoT, and OT (as well as IoMT for healthcare) to deliver their business. It also means that almost every organization is affected by a growing attack surface. The riskiest IT and OT devices remain nearly constant across different regions, while the riskiest IoT devices change slightly and the riskiest IoMT devices change considerably.

“GITEX gives us this global platform to showcase our Automated Cybersecurity Solutions that protect any digital terrain. Forescout is here to help companies understand and mitigate risks that come with digital transformation, the rapid growth of IoT devices across organizations, and the convergence of IT and OT networks that is encouraging the rise of ransomware-as-a-service gangs,” added Moawad.

At GITEX 2022, organizations and…
