Cybercriminals remained as active as last week, from high-profile attacks on Sony to the FBI’s warning to the public about a recent nationwide increase in “Phantom Hacker” scams, which are significantly impacting senior citizens. In this post, we will review the top cybersecurity events from the first week of October 2023.
1. Sony Data Breach
Sony has confirmed that it was the victim of a data breach that impacted thousands of its current and former employees in the U.S. The breach occurred in May 2023, and the stolen data included names, Social Security numbers, and other personal identifiers. The breach was caused by a vulnerability in the MOVEit Transfer platform, which is used to transfer files securely. MORE
2. Qualcomm Zero-Day
Qualcomm has issued a warning about three zero-day vulnerabilities in its GPU and DSP drivers. These vulnerabilities could allow hackers to take control of affected devices or steal data. Qualcomm says that the vulnerabilities are being actively exploited by hackers. The company has released patches for the vulnerabilities, and it is urging users to update their drivers as soon as possible. MORE
3. Motel One Data Breach
Motel One, a German hotel chain, has disclosed a data breach after a ransomware attack.The company says that the attackers gained access to some of its customer data, including names, addresses, email addresses, phone numbers, and the details of 150 credit cards.
According to the company’s press release, a group of unknown attackers infiltrated its network, intending to launch a ransomware attack, but had limited success thanks to its effective protective measures. MORE
4. Microsoft Zero-Day
Microsoft has released key security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries. The two zero-day vulnerabilities were discovered last month, and both bugs have been actively exploited to target individuals with spyware, according to researchers at Google and Citizen Lab. The vulnerabilities were discovered in two common open source libraries, webp and libvpx. MORE
5. Apple Zero-Day
Apple has released an emergency security update to patch a new zero-day exploit that was being used to hack iPhones and iPads. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6,” the company said in an advisory issued on last Wednesday. MORE
Besides this, the Federal Bureau of Investigation (FBI) is warning the public of a recent nationwide increase in “Phantom Hacker” scams, significantly impacting senior citizens.
“This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institutions, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target.” the FBI said.
“Victims often suffer the loss of entire banking, savings, retirement, or investment accounts under the guise of “protecting” their assets.”
Between January and June 2023, 19,000 complaints related to tech support scams were submitted to the FBI Internet Crime Complaint Center (IC3), with estimated victim losses of over $542 million. Almost 50% of the victims reported to IC3 were over 60 years old, comprising 66% of the total losses. As of August 2023, losses have already exceeded those in 2022 by 40%.
The Federal Trade Commission (FTC) also revealed that people lost a staggering $2.7 billion on social media scams since 2021.
Reports show that scams on social media are a problem for people of all ages, but the numbers are most striking for younger people.
FTC said the most frequently reported fraud loss in the first half of 2023 was from people who tried to buy something marketed on social media, coming in at a whopping 44% of all social media fraud loss reports.
As we can see from the events of the first week of October 2023, cybercriminals are continuing to evolve their tactics and techniques. It is more important than ever for organizations and individuals to take steps to protect themselves against cyberattacks.
