Skip to content
  Sunday 22 June 2025
  • Home
  • Attack
  • Malware
  • Cloud
  • Data
  • Technology
  • World of tech
Trending
September 25, 2023Deadglyph Backdoor Targeting Middle Eastern Government December 11, 202318 Malicious Loan Apps Defraud Millions of Android Users May 7, 2025NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware April 9, 2024Why Claroty Is Considering Going Public at a $3.5B Valuation August 22, 2024Microsoft will release controversial Windows Recall AI search feature to testers in October February 20, 2025Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives July 9, 2024Australian, APAC SAP Customers Face Looming 2027 ERP Cloud Migration Deadline June 5, 2024Why Tenable Is Eyeing Israeli Data Security Startup Eureka September 20, 2024Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East October 5, 2023Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack
  • Home
  • Attack
  • Malware
  • Cloud
  • Data
  • Technology
  • World of tech
  Malware  European Investment Bank Suffers Cyberattack
Malware

European Investment Bank Suffers Cyberattack

adminadmin—June 23, 20230
FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail


3rd Party Risk Management
,
Breach Notification
,
Finance & Banking

Also: MOVEit Attackers Target Pensioners, UPS Canada Discloses Data Breach

Anviksha More (AnvikshaMore) •
June 22, 2023    

Breach Roundup: European Investment Bank Suffers Cyberattack

Every week, Information Security Media Group rounds up cybersecurity incidents around the world. This week, attackers hit European Investment Bank; a California pensioners’ fund suffered a cyberattack related to MOVEit; UPS Canada disclosed a data breach; and a new Android malware campaign spread GravityRAT spyware.

See Also: OnDemand Webinar | Learn Why CISOs Are Embracing These Top ASM Use Cases Now

EIB Confirms Outage Caused by Cyberattack

The European Investment Bank fell victim to a cyberattack this week as hackers successfully infiltrated the company’s systems. This incident coincided with threats from Russian hackers indicating their intentions to destabilize Western financial markets.

On Monday, the EIB took to Twitter to confirm the ongoing cyberattack, revealing that the firm’s websites, eib.org and eif.org, had been experiencing severe availability issues. The attack rendered the bank’s website completely inaccessible, while the European Investment Fund’s website, which is responsible for aiding small and medium-sized businesses with financial accessibility, remained functional but displayed noticeable alterations.

The EIB, headquartered in Luxembourg City, serves as the development bank for the European Union. With a workforce exceeding 3,000 employees and a balance sheet surpassing 500 billion euros, the institution plays a pivotal role in supporting economic growth within the region.

This cyberattack occurred shortly after Russian-speaking hackers had issued warnings, expressing their intent to target Western financial institutions due to their perceived support for Ukraine.



MOVEit Update: 770,000 Pensioners’ Personal Data Leaked

The California Public Employees’ Retirement System become the latest state government agency to suffer from the fallout of a cyberattack triggered by the compromise of MOVEit, a widely used file transfer software product, by the Clop ransomware group, which exploited a zero-day vulnerability in MOVEit.

CalPERS’ third-party vendor, PBI Research Services, notified the largest public employee pension fund in the United States on June 6 about the breach. Unauthorized access allowed an individual to download sensitive data from the pension fund, including personal information such as names, birthdates and Social Security numbers. PBI Research assists CalPERS in managing enrollees’ information to ensure accurate payments and prevent overpayments. The attack did not affect CalPERS’ internal IT systems, and regular payments remained functional.

CalPERS serves over 2 million active members, comprising current and retired state workers and teachers and has assets totaling approximately $440 billion as of June 2022. The breach primarily affected retired members and their spouses, and CalPERS is in the process of informing them about the incident.

Progress Software’s MOVEit software has been widely adopted by public and private organizations globally. Progress Software subsequently revealed two additional vulnerabilities and issued several patches to address the security flaws.

Clop has been publicizing data stolen from some private sector victims on its extortion site, but it said it refraining from publishing data obtained from government agencies.

More stories

UK Sounds Warning Over Targeted Healthcare Attack

August 4, 2023

Federal Cybersecurity Contractors Whiplashed By Uncertainty

January 31, 2025

Credit Washing and Synthetic ID Fraud Hit All-Time High

May 22, 2025

China Using Powerful Hacking Firms to Run Its Espionage War

September 16, 2024


UPS Canada Discloses Data Breach

Multinational shipping company UPS Canada mailed a data breach notification to its Canadian customers.

Between February 2022 and April 2023, UPS networks were infiltrated by unauthorized access, giving the hacker access to delivery information and potentially customers’ phone numbers. This breach enabled malicious actors to engage in activities such as smishing by using the obtained phone numbers.

Android GravityRAT

Eset researchers found that a new Android malware campaign is spreading the latest version of GravityRAT by masquerading as chat apps. The malware, active since August 2022, uses a Trojanized chat app called BingeChat to infiltrate mobile devices and target WhatsApp backup files. These backups, intended to facilitate data transfer between devices, can contain unencrypted sensitive information, including text and media files.

GravityRAT, which is operated by the SpaceCobra group, emerged in 2015 but began focusing on Android in 2020. In the latest campaign, the malicious app is distributed through bingechat.net and relies on invitation-based registration, making it challenging for analysis. BingeChat requests various permissions upon installation, posing as a standard instant messaging app. Before registration, it sends call logs, contacts, messages, device location and basic information to the threat actor’s command-and-control server. It also steals media and document files, including WhatsApp backups with file extensions such as crypt14 and crypt32.


Asus Issues Patch for Highly Critical Wi-Fi Router Flaws

Taiwanese computer hardware manufacturer Asus on Monday issued urgent firmware updates for vulnerabilities found in its Wi-Fi router products and warned users of remote code execution attacks.

The firmware update includes fixes for nine security flaws, some of which are classified as having “high” or “critical” severity. Among the critical vulnerabilities are CVE-2022-26376, a critical memory corruption weakness in the Asuswrt firmware that could lead to denial-of-service attacks or code execution, and CVE-2018-1160, an out-of-bounds write Netatalk vulnerability that can enable arbitrary code execution on unpatched devices.

The affected router models encompass a range of devices including GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 and TUF-AX5400. Users are advised to promptly update their routers to mitigate the security risks associated with these vulnerabilities.


Iowa School District Confirms Ransomware Attack

Iowa’s largest school district, Des Moines Public Schools, on Monday confirmed a ransomware attack that triggered a shutdown of network systems on Jan. 9, 2023. The school received a ransom demand but has not paid the hackers.

The school district will be contact closing to 6,700 individuals whose data was affected by the breach.

The attack resulted in the cancellation of all classes for several days starting Jan. 10, after internet and network services were taken offline during the investigation.

“The cyberattack against DMPS included a ransom demand. No ransom has been or will be paid in response to this attack based on the advice of our cybersecurity experts and what is in the best interest of the school district and community,” Des Moines Public Schools said.


Other Coverage From Last Week





Source link

FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail

admin

IOTW: A full timeline of the MOVEit cyber attack
Personalized UX, Fraud Detection, and Secure Logins
Related posts
  • Related posts
  • More from author
Malware

Court Ditches HIPAA Reproductive Health Info Privacy Rule

June 21, 20250
Malware

Aflac attack – GovInfoSecurity

June 20, 20250
Malware

AdaCore Merges With CodeSecure for Unified Developer Tools

June 20, 20250
Load more

Whoops, you're not connected to Mailchimp. You need to enter a valid Mailchimp API key.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Read also
Attack

Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages

June 21, 20250
Malware

Court Ditches HIPAA Reproductive Health Info Privacy Rule

June 21, 20250
Malware

Aflac attack – GovInfoSecurity

June 20, 20250
Malware

AdaCore Merges With CodeSecure for Unified Developer Tools

June 20, 20250
Malware

Anubis Ransomware’s Puzzling New Tactic

June 20, 20250
Malware

‘The Largest Data Breach in History’ That Wasn’t

June 20, 20250
Load more

Recent Posts

  • Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
  • Court Ditches HIPAA Reproductive Health Info Privacy Rule
  • Aflac attack – GovInfoSecurity
  • AdaCore Merges With CodeSecure for Unified Developer Tools
  • Anubis Ransomware’s Puzzling New Tactic

    © 2022
    • Home
    • Attack
    • Cloud
    • Data
    • Malware
    • Technology
    • World of tech
    • Privacy
    • Contact