Cybersecurity Briefing: Ransomware Strikes and Major Breaches on December 19, 2022

Lead Story: InfraGard Breach Exposes Sensitive Data

On December 19, 2022, a significant breach of InfraGard—an FBI information-sharing portal—was revealed, impacting over 80,000 security professionals and law enforcement officers. An attacker impersonated the CEO of a financial corporation to gain access and leveraged API credentials to download sensitive data, which is now being sold online. This incident exposes vulnerabilities in information-sharing platforms and raises concerns about the security of sensitive data within governmental and private sectors. Check Point Research.

LockBit Ransomware Targets California’s Department of Finance

The notorious LockBit ransomware group has launched a targeted attack against California's Department of Finance, claiming to have stolen over 75GB of sensitive data. They are threatening to leak this data if their ransom demands are not met, highlighting the ongoing risk of ransomware to government operations and public sector data integrity. Check Point Research.

BlackCat Gang Strikes Colombian Power Company EPM

In another alarming incident, the Colombian power company EPM suffered an attack attributed to the BlackCat (ALPHV) ransomware gang. This breach led to significant disruptions to the company’s online services, illustrating the increasing targeting of critical infrastructure by sophisticated cybercriminal organizations. Check Point Research.

LastPass Breach Update

Following a breach disclosed in August, LastPass reported that hackers accessed a third-party cloud storage service. This access may have compromised customer account information, including names, email addresses, and encrypted vault data, raising serious concerns about password management security. LastPass Blog.

Microsoft Security Updates: Critical Patches Released

Microsoft rolled out its December security updates, addressing 74 vulnerabilities, with seven classified as critical. Notably, one of these vulnerabilities was reportedly exploited in the wild before the patch was applied, underscoring the urgency for users to update their systems promptly to mitigate risks. Check Point Research.

Analyst Perspective

The events of December 19, 2022, reflect the persistent and evolving threats facing organizations today. The InfraGard breach emphasizes the need for stronger authentication and access controls, while the ransomware incidents highlight the vulnerability of both public and private sectors to such attacks. The LastPass breach serves as a reminder of the ongoing risks associated with cloud services, and Microsoft's timely security updates reinforce the importance of regular software maintenance. As cyber threats continue to escalate in sophistication and frequency, implementing robust security measures and fostering a culture of cybersecurity awareness will be paramount for organizations aiming to protect sensitive data and maintain operational integrity.