At a glance.
- Ransomware exploits hypervisors.
- Gab breached.
- Data breach round-up.
Hypervisor attacks remove the middleman.
In an effort to maximize efficiency, cybercriminals are now attacking hypervisors, the computer servers organizations employ to manage virtual machines, which allows the attackers to infect more computers simultaneously, reports CyberScoop. Security firm CrowdStrike found that two Eastern European ransomware gangs dubbed Sprite Spider and Carbon Spider were using malicious code to target the ESXi hypervisor. CrowdStrike’s vice president of intelligence Adam Meyers stated, “This development shows that the ransomware actors are continuing to find new targets; when we see more than one adversary evolve in this way, it likely signifies others will follow suit.”
Gab users outed in hacktivist breach.
On the heels of the Parler data breach and subsequent shutdown, social media platform Gab, also a gathering place for right-wing conservatives, has been hit by hackers, reports Wired. Hacktivist “JaXpArO and My Little Anonymous Revival Project” infiltrated the platform by exploiting an SQL injection vulnerability and harvested data from Gab’s backend databases. A group called Distributed Denial of Secrets is distributing what it’s calling “GabLeaks,” over seventy gigabytes of data equaling about 40 million posts obtained in the attack. The leak comprises public posts and profiles as well as private messages and passwords, including those of former US President Donald Trump and QAnon conspiracy theorist and US Representative Marjorie Taylor Greene. DDoSecrets cofounder Emma Best described the data as “everything someone needs to run a nearly complete analysis on Gab users and content,” and the group will be sharing the bounty with researchers who aim to expose the actions of right-wing extremists.
Data breach round-up.
It’s been a bad week for not-for-profits. Faith-based philanthropy organization Volunteers of America Chesapeake & Carolinas disclosed that a phishing scam exposed the data contained in several employee email accounts, PR Newswire explains. Meanwhile, PR Newswire also reports that the Home for the Little Wanderers, a child and family service agency based out of the US state of Massachusetts, was hit with an employee email breach. On the other side of the world, Yahoo News reports that Oxfam Australia’s databases were also hacked, exposing the data of recent campaign contributors.
In December the CyberWire discussed the Vancouver TransLink breach that exposed transit worker data. Unifor, the union that represents Vancouver transit operators, now says the transit company is withholding information regarding the attack, Peace Arch News reports.
The IT system being used by Ireland’s Health Service Executive (HSE) for the rollout of the COVID-19 vaccine experienced a data breach that exposed the data of thousands of vaccine recipients, reports Extra.ie. In yet another medical breach, Becker’s Hospital Review reports that the data of approximately 45,000 patients was exposed after hackers infiltrated two employee email accounts of US-based Covenant HealthCare. Staring College, a secondary school in the Gelderland province of the Netherlands, was compelled to pay off the attackers after a ransomware attack that locked down the institution’s network, the NL Times details.