The personal data exposed included Facebook ID numbers, names, phone numbers, dates of birth and location. The breach affected 530 million Facebook users from 106 countries. The breach was more of a screen scrape than a technical hack. Microsoft quickly released patches for the Exchange Server vulnerabilities, but Hafnium continued to find unpatched Microsoft Exchange servers to exploit by performing internet scans.įacebook was, yet again, the victim of a data breach in April 2021. This cyberattack is thought to have affected around 30,000 U.S. Notably, web shell attacks have doubled in 2021. This remote connection is used to exfiltrate data. Once access was established, Hafnium then used a web shell to establish remote control over the server. The three-step process behind the cyberattack was performed initially using stolen credentials or exploiting Exchange Server vulnerabilities. March 2021 also saw the Chinese state-sponsored hacking group, Hafnium, exploit four zero-day vulnerabilities within the Microsoft Exchange server. The continuing chain of infection events involved the creation of new domain user accounts, the installation of Cobalt Strike's Beacon (a legitimate tool used to model threat actors the tool executes PowerShell scripts, etc.), and disabling of anti-virus software. ReEvil typically uses phishing and attempts at remote desktop login using credentials stolen in earlier data breaches to begin the process of infection. ![]() The latter tactic is increasingly common during ransomware attacks to use as leverage to ensure the ransom is paid. The infection encrypted data, making operations impossible, and a large amount of sensitive data (including bank account details) was stolen. The hacking group ReEvil, also known as Sodinokibi, is thought to be the perpetrator of the ransomware attack on Acer. In March 2021, electronics manufacturer Acer became a victim of ransomware, leading to the largest ransom in history: $50 million. Mimecast has over 60,000 companies using their services the exact figure of potential data records breached is unknown. Mimecast’s stock dropped by 5% after the breach, which affected around 10% of its customer base. " Our investigation also showed that the threat actor accessed, and potentially exfiltrated, certain encrypted service account credentials created by customers hosted in the United States and the United Kingdom, ” a Mimecast statement said. The attack was believed to have also involved stolen privileged credentials: Mimecast researchers believe the attack was part of large-scale targeting of certain types of organizations. ![]() The digital certificate, used in authentication of Mimecast Sync and Recover Continuity Monitor, and IEP to Microsoft 365 Exchange Web Services, was hacked by the hacking group behind the SolarWinds attacks of late 2020, aka Nobelium. ![]() In January 2021, a compromised Mimecast digital certificate became the center of a data breach storm. In 2021, several key cybersecurity events occurred, including: As 2020 closed and 2021 began, the situation vis-a-vis data breaches continued to escalate. In 2020, there was a reported 667% increase in phishing-related cybercrimes. The sudden move to home working meant that security policies designed for the office were no longer enough to contain the threat of increased use of personal devices, insecure Wi-Fi, identity and access management enforcement and so on. The Covid-19 pandemic not only caused worldwide health issues but also caused cybersecurity problems. 7 of the most impactful data breaches of 2021Ģ021 comes on the heels of 2020, a year unlike most in my lifetime.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |