The Week in Breach – Monsters of Cybersecurity

Ransomware at the Sinclair Broadcast Group and Olympus attributed to Evil Corp.

The Sinclair Broadcast Group, which operates one-hundred-eighty-five television stations with six-hundred-twenty channels in eighty-six US media markets, has disclosed that it determined last Sunday that it had been subjected to a ransomware attack. The media company detected what it regarded as “a potential security incident” on Saturday, and is now in the process of recovery. The Hollywood Reporter says that some service disruptions continued into the early part of the week. NY1 reports that the attack involved, as is now routine in such criminal operations.

To recap, Sinclair discovered a possible incident Saturday, identified it as a cyberattack Sunday, and issued a public statement Monday, which the Wall Street Journal calls quick disclosure. Attempts to isolate and contain the attack began almost immediately upon detection.

Bloomberg reported Thursday that the Sinclair Broadcast Group was hit by the Russian cybercriminal organization usually known as Evil Corp. The attackers are said to have used the Macaw strain of WastedLocker ransomware (Emsisoft calls Macaw simply a rebranded version of WastedLocker). Evil Corp has been under US sanctions since December of 2019, which would complicate any attempt to buy back access to infected systems by paying the ransom. One purpose of adopting rebranded malware strains may be to obscure the fact that paying ransom to the sanctioned entity amounts to a violation of US law. The gang’s two alleged leaders, Maksim Yakubets and Igor Turashev, were also indicted by the US at the time sanctions were imposed. Sinclair’s recovery from the attack remains a work in progress: according to the Daily Beast, disruptions to business and production systems have continued into the week.

Macaw ransomware (and thus its proprietor, Evil Corp) is also said, by TechCrunch, to be responsible for ongoing attacks against Olympus.

Dark Web ID’s Top Threats This Week


Sinclair Broadcast Group

https://thecyberwire.com/newsletters/week-that-was/5/42

Exploit: Ransomware

Sinclair Broadcast Group: Television Station Operator

Risk to Business: 1.227 = Extreme

Sinclair Broadcast Group, the operator of 184 TV stations in 86 US markets, experienced a cyberattack last week that knocked broadcasts offline. The disruption was extensive, affecting local news broadcasts and syndicated programs. In some markets, NFL Sunday broadcasts were also disrupted. An unspecified amount of data was also stolen from the company’s network.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Locking down networks and production lines to cause operational disruption is the name of the game for many ransomware groups, because it forces a speedy ransom payment.

IntegraMSP to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next, and how to protect your clients in Ransomware Exposed.


Ferrara Candy Company

https://www.forestparkreview.com/2021/10/22/candy-production-impacted-by-ransomware-attack/

Exploit: Ransomware

Ferrara Candy Company: Candy Manufacturer

Risk to Business: 1.822 = Severe

Boo! Greedy cybercriminals unleashed their tricks on Ferrara Candy Company just one week away from Halloween. The company, maker of Brach’s Candy Corn, Nerds and Trolli gummies among other treats, has been in the confectionery business since 1901. Ferrara said that the attack briefly disrupted production operations. However, they were quick to assure anxious consumers that they didn’t need to worry about missing their Halloween favorites – Halloween orders were shipped to stores in August.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Manufacturers have been increasingly falling into cybercriminals’ sights, especially at peak times in their respective industries.

IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients.


United States – CoinMarketCap

https://www.cryptodaily.co.uk/2021/10/CoinMarketCap-Data-Breach-Leaks-3-1-M-Email-Addresses

Exploit: Hacking

CoinMarketCap: Cryptoasset Tracker

Risk to Business: 1.702 = Severe

Crypto evaluator CoinMarketCap has had a data leak. In an incident first reported by Have I Been Pwned, cybercrime researchers discovered 3.1 million user email addresses from the site available on the dark web. The company initially denied the hack but ultimately owned up to the security blunder.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. So far it’s only an email address list, no other information.

Customers Impacted: Unknown

How It Could Affect Your Business: Attacks on the banking, crypto and fintech sectors have been growing, creating complications for every financial services organization.

IntegraMSP to the Rescue: See how to transform every employee into a security asset to become the real secret weapon that successful organizations deploy to fight cybercrime like phishing!


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.