Threat Intelligence Report - June 16, 2023.
The NetFire Threat Intelligence Report contains a weekly collection of key developments to be aware of along with action tips from NetFire.
NetFire Threat Intelligence Team
Threat Intelligence Report - Week Ending June 16, 2023
US Government Agencies Hacked As Part of Broader Cyberattack
Several U.S. government agencies and dozens of other organizations have been subjected to a major cyberattack, with hackers exploiting an undisclosed vulnerability in the file-sharing software MOVEIt. The Cybersecurity and Infrastructure Security Agency (CISA) is investigating the incident, which is believed to have been orchestrated by the known cybercriminal group, CL0P, and involves potential data theft and disruption of systems.
Read more: https://netfire.link/us-govt-agencies-moveit
LockBit Ransomware Gang Extorted $91M in 1,700 US Attacks
LockBit ransomware group has reportedly extorted about $91 million through around 1,700 attacks on U.S. organizations since 2020, making it the leading global ransomware threat in 2022. A joint advisory from international cybersecurity authorities recommends mitigation measures and highlights LockBit's evolution since its inception in 2019, including innovative extortion tactics, a ransomware bug bounty program, and a shift to accepting Zcash cryptocurrency payments.
Read more: https://netfire.link/lockbit-91m-extorted
6% of Employees Paste Sensitive Data into Generative AI Tools like ChatGPT
New research by LayerX reveals that 6% of employees paste sensitive data into Generative AI (GenAI) tools, like ChatGPT, posing a substantial data exfiltration risk to organizations. The report, which observes a 44% increase in GenAI usage over three months, calls for robust data protection measures to prevent sensitive information leakage, highlighting that source code, internal business information, and personally identifiable information are the most commonly exposed types of data.
Read more: https://netfire.link/employee-data-chatgpt
Johns Hopkins University and Health System Target of Cyberattack
Johns Hopkins University and Health System have fallen victim to a major cybersecurity attack that exploited a previously unknown vulnerability in the software MOVEit, potentially compromising the personal information of employees, students, and patients. In response, the institution is offering two years of free credit monitoring services to affected individuals, has engaged a leading cybersecurity firm for investigation, and is encouraging its community to take precautionary measures such as monitoring accounts, setting up fraud alerts, and staying vigilant against phishing attempts.
Read more: https://netfire.link/johnshopkins-moveitIs In-Office Work the Real Threat to Cybersecurity?
Is In-Office Work the Real Threat to Cybersecurity?
A study by the Farmer School of Business at Miami University indicates that in-office work presents a higher cybersecurity risk compared to remote work due to employee complacency and a reliance on the company's cybersecurity measures. Contrary to popular belief, remote workers demonstrated greater cybersecurity awareness and took more security precautions, highlighting the importance of promoting remote work arrangements and fostering a culture of vigilance and cybersecurity responsibility.
Follow NetFire and stay tuned for more insights.