Cyber Stories Newsletter: Stay Informed on the Latest Cybersecurity News - Week of January 5th 2024
Happy New Year 🎉 and welcome to another edition of our newsletter, your go-to source for the latest cybersecurity developments and news.
We bring you a glimpse into some of the intriguing stories that have been making headlines in the cyber world this week 🌐.
This year let's all try to make some proactive changes to increase our cybersecurity awareness and protect ourselves from these kinds of threats. For the sake of our employees and our customers 🛡️.
Be sure to subscribe to our blog to get these latest threat reports and news stories delivered right to your inbox 📬.
As always, be sure to reach out with any questions or concerns you have on these or any recent threats. Your security is our priority!
Stay safe and informed! 🚀
GTA 5 Source Code Leaked a Year After GTA 6 Leaks in Rockstar Hack
The source code for GTA 5 has reportedly leaked on the dark web, following a previous hack by the Rockstar games hacker Lapsus$ over a year ago. The leaked source code also includes files related to Bully 2, the anticipated sequel to Rockstar's 2006 game Bully. The stolen source code has been shared on various platforms, including Discord and a Telegram channel previously used by the Lapsus$ hackers. It is worth mentioning that Arion Kurtaj, also known as 'teapotuberhacker,' who was involved in the Rockstar and Uber hacks, played a significant role in the GTA 5 Source Code Leak and has been sentenced to an indefinite hospital prison. The Lapsus$ hacking group, known for their social engineering and SIM swapping techniques, targeted several prominent companies, including Uber, Microsoft, and Rockstar Games. The authenticity of the leaked source code has yet to be independently verified.
https://dailysecurityreview.com/security-spotlight/gta-5-source-code-leaked/
Museum World Grapples with Cyberattack on Vital Software
Several prominent museums, including the Museum of Fine Arts Boston, the Rubin Museum of Art, and the Crystal Bridges Museum of American Art, have been affected by a recent cyberattack on Gallery Systems, a widely used technological service provider. The attack has disrupted museum operations, causing outages on online collection displays and hindering access to sensitive information managed by the software. The incident underscores the increasing prevalence of cyberattacks targeting cultural organizations, with previous cases involving data breaches and ransomware attacks. While the full extent and impact of the attack are yet to be determined, experts emphasize the value of protecting the invaluable information surrounding museum collections.
https://www.nytimes.com/2024/01/03/arts/design/museum-cyberattack.html
LockBit Ransomware Targets Hospitals
In the realm of ransomware, LockBit has emerged as a significant threat, with its affiliates increasingly targeting hospitals. This week, three hospitals in Germany fell victim to LockBit attacks, causing disruptions to emergency room services. In another case, two New York hospitals sought a court order to retrieve stolen data stored by LockBit on a server belonging to cloud storage company Wasabi Technologies. The affected hospitals now demand that Wasabi delete the data from its servers. Interestingly, earlier in December 2022, a LockBit affiliate attacked the Hospital for Sick Children in Toronto, prompting the ransomware operation to release a free decryptor and apologize for the incident. Despite their own rules against targeting hospitals, LockBit affiliates continue to carry out such attacks. Additionally, Microsoft once again disabled the MSIX ms-appinstaller protocol handler due to ongoing abuse by malware campaigns.
Ban on Ransomware Payments? The Alternative Isn't Working
Cybersecurity firm Emsisoft has called for a complete ban on ransom payments, citing another year of record-breaking digital extortion. In 2023, ransomware attacks targeted thousands of organizations, including hospitals, schools, government bodies, and private-sector businesses, costing victims an average of $1.5 million to rectify. Emsisoft argues that the current approach of asking organizations not to pay ransoms is ineffective. The report highlights the increasing number of attacks and the potential loss of life caused by ransomware. With opposition to a total ban decreasing, Emsisoft asserts that urgent action is needed to address this growing threat.
https://www.theregister.com/2024/01/03/ban_ransomware_payments/
.svg)