October Cybersecurity Threat Highlights

Every month our partner, F-Secure, sends a report on the previous month’s common cybersecurity attacks. Here are some of the highlights, or lowlights, from October 2022:

• Major Ransomware Attacks Continue
  • A major car dealer in the UK, Pendragon, who own about 160 dealerships were hit by LockBit 3.0. It is reported that Pendragon will not pay the ransom even though LockBit 3.0 are threatening to release 2TB worth of the business’ data.

• Poland and Ukraine Governments under Siege
  • A new ransomware variant called “Prestige” hit the transportation departments for Poland and Ukraine, according to Microsoft’s Threat Intelligence Center (MSTIC). MSTIC has not said who is responsible for the attack; however, whoever did it had access to high-level credentials. They note that the victims align with the interests of “Russian-backed” threat groups.
• Github a hub for malicious code
  • A study by Leiden University in the Netherlands has examined more than 47,000 repositories on GitHub and found that about 10% contain some form of malicious code. Many were benign, but others “were designed to infect the user with RATs, infostealers, crypto-miners and Cobalt Strike.”
• Beware Fake LinkedIn Profiles
  • Bad actors use convincing fake LinkedIn profiles for social engineering campaigns. LinkedIn is attempting to detect the profiles and combat the problem by adding an “About this Profile” feature, an AI generated profile image detector, and by adding warning’s to certain direct messages.

F-Secure’s full report can be read here. If you would like to know how we could help your business protect against cybersecurity threats, contact us for more information.