Happy Friday! Let’s recap some of this week’s top cybersecurity headlines…
Two weeks ago, Casio, an electronics giant in Japan, was hit with a ransomware attack which compromised sensitive company data, personal information of employees, contractors, business partners, and job applicants. The attack caused a system failure which rendered many systems unusable and forced the company to disconnect its servers to stop the spread of the attack.
The company is struggling to bounce back after the attack and is still in recovery mode. Their ability to place, receive, and schedule orders and shipments has been affected, and Casio is working to prioritize its customers while moving forward with recovery.
Only customers in Japan appear to be affected at this time, with the Casio US website still functioning normally.
(–Source: TechCrunch on MSN
Read More: Casio says ‘no prospect of recovery yet’ after ransomware attack (msn.com) )
Gmail’s more than 2.5 billion users are being targeted by hackers in a new scam using realistic AI scam calls. The scam involves the user receiving a realistic account recovery attempt email that aims to trick the user into clicking the link within the email and filling in their account information on a fake login page. If the user does not fall for the email, they will receive a phone call from what appears to be a legitimate Google support number.
If the call is answered, a realistic sounding AI voice will be on the other end, confirming that suspicious activity was detected on the user’s account involving an attacker having access to and downloading all of the user’s information. The AI voice will then attempt to get the user to take actions that appear to be a account security measures, but will really result in giving the hackers behind the scheme access to the user’s Google account.
Google is teaming up with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to investigate and work to combat scams like this one.
(–Source: Tom’s Guide on Yahoo! News
Read More: Billions of Gmail users at risk from sophisticated new AI hack — how to stay safe (yahoo.com) )
A hacker with the alias IntelBroker posted a thread earlier this week on BreachForums claiming to have information from the recent breach on Cisco for sale. The supposed archive of data for sale contains a plethora of information including various projects, credentials, and confidential documents.
Because of this claim, Cisco has announced that they have launched an investigation to look into the matter.
(–Source: TechRadar on MSN
Read More: Cisco investigates breach after data put up for sale on BreachForums (msn.com) )
You may remember the the recent headlines about the major data breach of background check company National Public Data that exposed personal information of 2.7 billion people. Earlier this month, National Public Data filed for Chapter 11 bankruptcy after facing an estimated 20 class-action lawsuits and regulatory challenges by the FTC following the attack.
(–Source: Yahoo! News
Read More: National Public Data Files for Bankruptcy Following Massive Data Breach (yahoo.com) )
Game Freak, a well-known game developer who develops the main lineup of Pokémon games, had sensitive data leaked after an unauthorized third party had unauthorized access to their systems from as long ago as August of this year.
The information obtained by the hackers includes around 2,600 items of employee information including names and company email addresses, as well as source code from previous games, unused Pokémon designs, and limited details about future projects.
Game Freak confirmed that its servers have been secured and they are taking measures to amplify its defenses.
(–Source: The Verge on MSN
Read More: Pokémon developer faces major data leak (msn.com) )
The Internet Archive has had a rough few weeks of being harassed by hackers with multiple cyberattacks, but it’s unclear if all of the attacks were carried out by the same party.
Direct from the MSN article: “For reasons that are not clear, the Archive has been the victim of at least three recent attacks: the theft of tens of millions of users’ usernames and email addresses; a brief defacement of the site; and repeatedly being knocked offline for days by overwhelming it with traffic, a tactic known as a Distributed Denial of Service (DDoS) attack.”
The Internet Archive is currently functioning in read-only mode as their team is playing it safe in the case that service is suspended again.
(–Source: The Internet Archive has faced a barrage of cyberattacks (msn.com) )