Go to listing page

Cyware Daily Threat Intelligence, March 30, 2021

Cyware Daily Threat Intelligence, March 30, 2021

Share Blog Post

Extortion attempts are touching new heights in the era of ransomware 2.0 and the Clop ransomware gang knows how to play hard against its victims. To apply more pressure on its victims, the gang has started releasing a trove of sensitive data back-to-back. The victims include oil giant Shell, the University of Maryland, and the University of California.

Another known form of extortion threat—DDoS extortion—is also witnessing a persistent increase. In a first-of-its-kind, a European gambling company has witnessed the biggest and complex DDoS attack that reached over 800 Gbps.

Top Breaches Reported in the Last 24 Hours

Harris Federation hit
London-based Harris Federation has been badly affected by a ransomware attack during the weekend. As a result, 37,000 students from London and surrounding areas have been left with no connection to IT, phone, and email systems. Meanwhile, the organization has taken the necessary steps to block the ransomware from spreading further.

Shell data leaked
After hitting Shell, the Clop ransomware gang has publicly leaked passport and visa scans of selected workers as part of the extortion attempt. Earlier this month, the oil giant had admitted its system was compromised after attackers gained unauthorized access to various files.

Another extortion attempt
In another extortion attempt, the Clop ransomware gang posted screenshots of confidential documents allegedly belonging to the University of Maryland and the University of California online. These screenshots include sensitive information such as photos, names, home addresses, social security numbers, immigration status, and dates of birth of individuals. Other leaked data include financial details of institutions.

Healthcare affected
New York-based Personal Touch Holding Corp. has declared a data breach that affected more than 753,000 patients, employees, and former workers. The breach stems from a ransomware attack that was executed on its cloud service provider.

Top Vulnerabilities Reported in the Last 24 Hours

New flaws in Linux systems
Two new vulnerabilities discovered in Linux-based operating systems could let attackers bypass mitigations for speculative Spectre attacks and obtain sensitive information from kernel memory. The flaws are tracked as CVE-2020-27170 and CVE-2020-27171, patches for which were issued on March 20.

Top Scams Reported in the Last 24 Hours

Steam users targeted in a scam
Steam users have reported a scam that warns them of their Steam accounts being suspended. The scam, which plays on the fear and curiosity of users, is aimed at harvesting credentials. It asks users to message a Steam admin to solve the issue. If the connection with the Steam admin fails, the user is asked to contact them via Discord.

 Tags

linux systems
harris federation
university of maryland
npm package
ddos attacks

Posted on: March 30, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Learn More About Cyware Solutions!