Hacken Token
$ -- --.--

Weekly News Digest #51

Third-party security breach: customer data of my MyRepublic were compromised

According to the data provided by MyRepublic, the data belonging to 80,000 of its subscribers were compromised as the result of the breach affecting a third-party data storage platform. The affected system contained such data as subscribers’ national identity cards’ scanned copies and foreign residents’ residential addresses. The incident was uncovered on 29 August this year and the company notified relevant authorities, including Infocomm Media Development Authority (IMDA) and Personal Data Protection Commission, of the incident. 

The company noted that the incident was “contained”. The company did not disclose information on whether it was the only party affected by the breach. The company also did not share the details on the frequency of security checks it performed. According to the statement made by the company, an unknown third party provided information on this security incident. MyRepublic noted that the incident response team, including external advisers from KPMG, was activated.

Read more

Data belonging to United Nations stolen by hackers

According to the information provided by researchers from the cybersecurity firm Resecurity, hackers have stolen data by breaking into the United Nations computer network. Malicious actors used the login credentials stolen from the UN employee to gain access to the network. The username and password used by hackers were likely to be bought on the dark web. The chief executive officer at Resecurity Gene Yoo states that such organizations as the UN are high-value targets for hacker groups. 

The key goal of the attacker was to carry out long-term intelligence. The network intrusion might have taken place between April 5, 2021, and August 7, 2021. However, there is no evidence of whether attackers damaged the functioning of the UN’s computer network. The only motivation of hackers was the collection of information. The company Resecurity was working closely with the UN to determine the scope of the intrusion. 

Read more

One of three suspicious emails reported by employees are malicious

All the time companies spend to provide training to employees on cybersecurity is paying off. For example, one of three emails reported by employees as suspicious is, in fact, malicious emails used by hackers to carry out phishing attacks. The statistic data were collected by the company F-secure that conducted the analysis of 200,000 emails flagged by employees from organizations worldwide. Phishing is one of the most popular techniques used by malicious actors to reach their targets, namely, lure victims to provide their personal data or download malware.

Phishing emails may claim to come from the post office or bank. The common feature of phishing emails is the attempt to convince victims to do something, for example, to click on a link. Emails are the most popular channels used by malicious actors for phishing and they account for more than 50% of all phishing incidents. According to F-Secure, the company that, on average, employs 1,000 employees reports on 116 suspicious emails per month.  

Read more

New Zealand banks and post office hit by a cyberattack

The website of a number of financial institutions and national postal service were briefly down on 8 September 2021. According to the statements made by officials, the entities were addressing cyberattacks. The Computer Emergency Response Team (CERT) was aware of the massive DDoS attack targeting national organizations. CERT was monitoring the situation and actively communicated with the affected parties.

The list of affected parties includes Australia and New Zealand Banking Group’s (ANZ.AX) New Zealand site and NZ Post. Some ANZ customers could not access online banking services while NZ post stated that the technical issue was attributable to one of its third-party suppliers. Some customers reported to social media that Kiwibank faced one of the biggest issues due to the attack. 

Read more

Eastern Europe is becoming a hotbed for crypto scams, investors are losing millions

According to the recent analysis, Europe is becoming a hotbed for crypto scams, only Africa is ahead. The addresses in the region have a high rate of exposure to illicit transactions. The analysis was conducted by the blockchain forensic firm Chainalysis. A little-known billion Ponzi Scheme accounted for more than half of the funds that were sent to malicious actors in the region. Illegal crypto activity accounted for close to 0.5% of the total crypto value circulating in the region that, in absolute figures, amounted to $400 million.

Illicit crypto flows are likely to keep growing since the market continues rising. One of the most popular malicious schemes is an exit scheme whereby founders of online businesses exit without returning their investors any funds. such schemes, apart from crypto businesses, are also attributable to high-yield investment companies.

Read more

Subscribe to our research

Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.

    hackenproof logo

    The world trusted Bug Bounty Platform. Run custom-tailored Bug Bounty Programs to secure your business and assets.