Your Weekly DHS/CISA Threat Assessment (Aug …

Stay tuned for this update each week. This is a joint cybersecurity weekly product from the Missouri Information Analysis Center, St. Louis Fusion Center, Kansas City Regional Fusion Center and the Missouri Office of Homeland Security.

Ransomware via a call centre? BazaCall means no email attachment or link required for infection.

Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers. Microsoft has warned that fraudulent emails are being sent out, attempting to trick users into calling a phone number operated by a cybercrime group.

Ransomware Attempt Volume Touching Over 300 Million, Sets Record

A new investigation report has been published by SonicWall network security organization in which it stated that ransomware attacks have been increased rampantly in the first half of 2021, with 304.7 million attempted attacks observed by the organization. SonicWall researchers’ team has discovered several attempted ransomware attacks in both April and May, however, the record of these two months was knockdown by June, which recorded 78.4 million attempted ransomware attacks. According to the study, the total figure of ransomware attacks that has been observed by SonicWall in the first half of 2021 has broken the record of 2020’s total attempts. “Even if we don’t record a single ransomware attempt in the entire second half (which is irrationally optimistic), 2021 will already go down as the worst year for ransomware SonicWall has ever recorded,” the report read.

‘Holy Moly!’: Inside Texas’ Fight Against a Ransomware Hack

In 2019, ransomware had yet to emerge as one of the top national security concerns confronting the United States, an issue that would become the focus of a presidential summit between Washington and Moscow this year. But the attacks in Texas were a harbinger of the now-exploding threat and offer a vivid case study in what happens behind the scenes when small-town America comes under attack. Texas communities struggled for days with disruptions to core government services as workers in small cities and towns endured a cascade of frustrations brought on by the sophisticated cyberattack, according to thousands of pages of documents reviewed by The Associated Press and interviews with people involved in the response. The AP also learned new details about the attack’s scope and victims, including an Air Force base where access to a law enforcement database was interrupted, and a city forced to operate its water-supply system manually. In recent months, a ransomware attack led to gasoline shortages. Another, tied to the same hacking gang that attacked the Texas communities, threatened meat supplies. But the Texas attacks — which, unlike these prominent cases, were resolved without a ransom payment — make clear that ransomware need not hit vital infrastructure or major corporations to interrupt daily life.

The Olympic Cyber Defense Games: How the Tokyo Olympic Games Will Fare Keeping Cyber Attacks at Bay while the World Watches

Thanks to the COVID-19 pandemic, the whole world watched as the International Olympic Committee (IOC) postponed the Tokyo Olympics in 2020. Fast forward a year later and the change in sentiment — from excitement to weariness — is palpable in Japan and the rest of the globe. In fact, over 70 percent of the country wanted the IOC to cancel the games outright. And a resurgence of COVID cases throughout the country effectively cripples Japan’s ability to create revenue streams through international tourism and event attendance, resulting in an inevitable hit to its economy. But the IOC insists on pushing forward as the Olympic Games is a symbol of unity and resilience.

A Look at the 2021 CWE Top 25 Most Dangerous Software Weaknesses

The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two calendar years. These weaknesses are risky because they are many times easy to find, exploit, and can allow adversaries to take over a system, steal data, or prevent an application from working. The 2021 CWE Top 25 can help developers, testers, and users — as well as project managers, security researchers, and educators — provide insight into the most severe and current security weaknesses.

92% of Pharmaceutical Companies Have At least One Exposed Database

Reposify released its Pharmaceutical Industry Attack Surface Exposures Report examining the security posture of the world’s leading pharmaceutical companies. The report analyzed eighteen leading pharmaceutical companies and their nine hundred plus subsidiaries worldwide to assess the prevalence of exposures of services, sensitive platforms, unpatched CVEs and other security issues. “The pharmaceutical sector is one of the largest contributors to the global economy and human welfare,” said Uzi Krieger, CEO of Reposify.

5 Riskiest Mobile Apps

Unsanctioned software and applications running on corporate mobile devices is a security nightmare. These can range from meeting genuine business needs—commonly referred to as Shadow IT—such as efficient, remote communication with colleagues or corporate document management via downloadable messaging and file sharing apps, to using apps for non-work-related lifestyle or entertainment purposes such as socializing, fitness, gaming, and watching sports. The risks posed to businesses by unsolicited apps have intensified since the outbreak of the COVID-19 pandemic and subsequent move to mass remote working, says Kelvin Murray, senior threat researcher at Webroot. “With fewer face-to-face meetings and interactions, employees are looking for new methods to communicate without the formality of an email or Teams call,” he says. “However, with new attack tactics, exploits, and tools emerging through unsolicited apps, mobile devices and apps have never posed as great a threat to organizations as they do now.”

Survey: Nearly 3 in 4 Organizations Suffered Data Breaches Due to Phishing

A survey released Tuesday indicates 73% of organizations have suffered data breaches caused by phishing attacks in the past calendar year. The 2021 Insider Data Breach Survey polled 500 IT leaders and 3,000 employees in the U.S. and U.K. across the financial services, health care and legal fields. It suggests a correlation between the increase in remote work and increased risk organizations face securing their networks, with 53% of IT leaders surveyed reporting an increase in incidents caused by phishing. Millions of Americans were displaced from traditional offices last year due to the coronavirus pandemic, and while many companies consider new back-to-work models, some may elevate their firm’s risk profile, according to the survey. Half of respondents expressed concerns over future hybrid working models, stating such models would make it harder to prevent breaches caused by malicious email attacks.

Remote and Hybrid Working Makes Preventing Phishing Harder

A new survey from Egress of 500 IT leaders and 3,000 employees across the US and UK finds that 73 percent of organizations have suffered data breaches caused by phishing attacks in the last year. In addition 53 percent of IT leaders report an increase in incidents caused by phishing since the widespread adoption of remote working. There are also concerns over future hybrid working, with 50 percent of IT leaders saying it will make it harder to prevent breaches caused by malicious email attacks. Egress VP of threat intelligence Jack Chapman says, “Organizations are being bombarded by sophisticated phishing attacks. Hackers are crafting highly targeted campaigns that use clever social engineering tricks to gain access to organizations’ most sensitive data, as well as leapfrog into their supply chain. Phishing is also the most common entry point for ransomware, with potentially devastating consequences.”

Related: Download the VMWare Global Incident Response Threat Report.