Email Security News Round-Up [September 2022]

September was a busy month filled with email security news and cybersecurity news stories from around the world.

From a phishing scam exploiting Queen Elizabeth II’s death and  NATO documents for sale on the Dark Web to a massive data breach, and more, here’s the month’s round-up. 

Let’s dive into September’s cybersecurity and email security news headlines!

Russian Yandex Taxi App Hacked Causing a Massive Traffic Jam In Moscow

Russia’s leading IT company, Yandex Taxi, suffered a cyberattack in early September. Hackers breached the taxi app causing a massive traffic jam that lasted three hours in Moscow.

The threat actors ordered all available taxis to the same address; one of the main avenues in Moscow, Kutuzovsky Prospekt.

Behind this cyberattack were the IT Army of Ukraine and the Anonymous collective.

Queen Elizabeth II’s Death Exploited by a Phishing Attack

The death of British monarch Queen Elizabeth II boosted cybercrimes worldwide.

By impersonating Microsoft, bad actors led victims to write their condolences to the Queen on an “interactive AI memory board.”

But the link redirected users to a credential harvesting page where they had to log in to their Microsoft account.

The phishing kit known as EvilProxy is said to be used, working in the background and compromising accounts during the process. Afterwards, victims’ data is sold on the Dark Web.

NATO Documents Stolen and Sold on the Dark Web

Speaking of the Dark Web, American intelligence agencies alerted Portugal’s Prime Minister António Costa that sensitive NATO documents were put up for sale by malicious actors in the second week of September.

The breach allegedly occurred because officials broke security protocols using an unsecured connection to send and receive documents.

After the incident, two government officials visited NATO headquarters in Brussels, where a high-level meeting took place.

YouTube Suffers a Worldwide Outage

On September 23rd, an internet observatory, NetBlock, tweeted about YouTube experiencing international outages with live streams.

There were thousands of users complaining that they couldn’t access live streams.

Many shared their reports on DownDetector, and the statistics showed that most issues were connected with video streaming and accessing the YouTube website.

While trying to access YouTube streams, users saw a black screen with an error message and a “please try again later” text.

NetBlocks also stated that the issue isn’t connected with “country-level internet disruptions.”

Currently, it’s unknown whether the incident was due to a planned upkeep activity, an issue with YouTube’s servers, or a result of malicious activity.

Millions of Optus Users Affected by a Data Breach

In September’s latest cybersecurity and email security news, Australia’s second-largest telecommunications firm, Optus, suffered a  severe cyberattack.

This is possibly an Australian firm’s most significant breach of personal data.

At the end of September, Optus confirmed that its customers’ private data could be compromised in an attack since the cybercriminals managed to access the customer identity database.

The threat actors accessed it via other systems through the Application Programming Interface.

The official press release states that the information exposed includes:

  • Names
  • Dates of birth
  • Phone numbers
  • Passport numbers. 
  • Addresses
  • Email addresses
  • Driver’s licenses.

Optus also stated that the cybercriminals accessed its network from an external source and obtained the consumer database, copying one-third of it.

The company states that right after discovering the attack, it shut down the attack before it could harm customers. 

The investigation is still ongoing.

Final Thoughts

Our regular series of email security news and cybersecurity news round-ups once again proved how vulnerable your business could be.

Cybersecurity is always the top concern for technology executives and company owners.

Take steps today to secure your domain for a better future!

The post Email Security News Round-Up [September 2022] appeared first on EasyDMARC.

*** This is a Security Bloggers Network syndicated blog from EasyDMARC authored by Knarik Petrosyan. Read the original post at: