FBI Cybersecurity Newsletter Highlights for the Week Ending June 30, 2022

Written June 30th, 2022

Post Tags: cybersecurity, FBI

Every week in the exciting and fast-paced world of cybersecurity brings a fresh look at the things bad actors will try in order to expand their sphere of influence over the rest of the world. Here are some of this week's highlights:

  • CISA has issued six bulletins in response to a cybersecurity vendor report of over 50 vulnerabilities present in Operational Technology devices that service the oil, gas, nuclear, and other industrial sectors.
  • IoT technologies have improved both our lives and attackers' access to our accounts. Things such as Wi-Fi-enabled smart thermostats, cameras, light switches and coffee pots have long presented a vector for attack by bad actors. Now hot tubs have entered the mix. A security researcher has shown that a popular jacuzzi smartphone app has vulnerabilities that allow a hacker to manipulate the controls of the hot tub remotely.
  • A joint statement by security agencies in the US, New Zealand, and the UK is encouraging SysAdmins not to remove or disable PowerShell in their environments, but rather to reconfigure it to be more secure. They have released recommendations on steps that SysAdmins can take to reconfigure the tool.
  • The world’s largest software company has completed an analysis of Russian cyber espionage following the invasion of Ukraine. It reports that Russian state-sponsored hacking teams have targeted nearly 130 organizations across 42 different countries, with a sizable percentage of those efforts geared towards spying activities. Besides Ukraine, the United States was the country most targeted by the Russian hacking teams.
  • A task force brought together by EUROPOL and the Belgian and Dutch police has raided 24 homes in Europe, seizing property and arresting 9 individuals linked to the theft of millions of euros through SMS and email phishing and fraud operations throughout Europe.
  • Shoprite, Africa’s largest supermarket chain (3K locations, 149K employees, $6 billion in annual revenue), has been infiltrated by hackers. The attackers made off with over 600GB of stolen data, potentially containing credit card and PII data, and left ransomware on the grocery chain’s systems.
  • An anonymous hacker has announced via social media that they stole classified Russian documents that provide Russia’s tactics and plans related to UAV technologies – screen captures of stolen information were posted online. The online hacking group has been targeting Russian military systems since the beginning of the war. [Note: do NOT try to access that information, as it could create a classified information spillage event on your system]

    Photo by Marija Zaric