Here are some interesting updates about cybersecurity threats and new trends.
Global Crackdown: 27 DDoS-for-Hire Platforms Taken Down in Operation PowerOFF
Operation PowerOFF, a coordinated international effort lead by Europol, successfully stopped a major cybercrime operation targeting the holiday season. This operation engaged law enforcement agencies from 15 nations and aimed to dismantle 'booter' and 'stresser' websites used in Distributed Denial-of-Service (DDoS) attacks.
The operation successfully took down 27 major DDoS attack platforms, including zdstresser.net, orbitalstress.net, and starkstresser.net. Three administrators who administered these illegal platforms were detained in France and Germany, and over 300 members were identified for further investigation.
Europol's European Cybercrime Centre (EC3) was crucial in coordinating the multinational effort, enabling operational meetings, conducting technical sprints, and providing analytical support and forensic aid. The Joint Cybercrime Action Taskforce (J-CAT) also helped to exchange information.
To avoid such incidents Operation PowerOFF will launch an internet ad campaign targeting potential offenders via Google search and YouTube ads. Additional preventive efforts include knock-and-talks, warning letters, and emails to illegal service users.
Source: Europol
Healthcare Management Firm Regional Care Hit by Major Cybersecurity Incident
Regional Care, Inc. (RCI) suffered a serious data breach on September 18, 2024, when unusual activity was spotted in their computer network. An unauthorized entity gained access to and may have obtained sensitive files containing confidential consumer information from RCI's network. The leaked data includes impacted persons' names, birth dates, Social Security numbers, medical information, and health insurance information.
RCI quickly responded by shutting down its systems, confining the event, and conducting an investigation to ascertain the scope of the breach. On November 8, 2024, the firm finished its assessment of the hacked data, identifying the particular information disclosed as well as the individuals affected.
On December 16, 2024, RCI filed a notice of data breach with the Attorney General of Maine and began mailing out notification letters to all affected persons. These letters tell victims about the precise information that was compromised during the incident.
Source: JD Supra
Massive Cyberattack Exposes 1.4 Million Records at Texas Tech Health Centers
Texas Tech University has suffered a huge data breach, affecting over 1.4 million people. The incident, which targeted the university's Health Sciences Center and Health Sciences Center El Paso, was found in September 2024, following a ransomware attack that temporarily disrupted computer systems and apps. The university's research indicated that attackers gained unauthorized access to its network between September 17 and September 29, 2024, and exfiltrated confidential data.
The stolen data is large, including names, residences, dates of birth, Social Security numbers, driver's license and government ID numbers, financial account information, health insurance information, and even medical data such as diagnoses and treatment details. In response to this breach, Texas Tech University will contact impacted individuals in writing and provide free credit monitoring services to help limit potential risks.
Source: SecurityWeek
Meta's Global Glitch: Facebook, Instagram, and WhatsApp Go Dark
Meta, the parent company of Facebook, Instagram, and WhatsApp, faced a major social media blackout that impacted its apps, mainly in the United Kingdom. The outage occurred at 6 p.m. on Wednesday, with Downdetector reporting tens of thousands of complaints across three platforms in the UK, but customers in the United States were mainly unaffected.
By 10 p.m. GMT, Meta announced that they were "99% of the way there" to correcting the issue, apologizing to affected users and doing final tests. The corporation offered updates on the social network X (previously Twitter) to keep users informed of the resolution's progress.
This outage, while important, was not as serious as the 2021 Facebook outage, which was triggered by a configuration error in the BGP protocol, resulting in a sustained global interruption. Due to the nature of the fault, engineers were unable to access servers remotely or physically, aggravating the issue.
Source: The Guardian
.jpeg)
