Cyber News Update 56

Welcome to the CyberCure Bi-Weekly podcast. You can read the full transcript at: https://blog.cybercure.ai/2020/07/31/cyber-news-update-31-7-20/ This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes. The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world. The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand. ---- Life Healthcare, a South African healthcare provider, is investigating a cyber-attack that targeted some of the group’s IT systems. Life Healthcare Group is the second largest private hospital operator in South Africa and said its southern African operation had been the victim of a targeted criminal attack on its IT systems. According to the organization, patient care has not been impacted by the cyber-attack, although some hospitals and administrative offices have switched to manual backup systems. The acting group CEO, said: “We are deeply disappointed and saddened that criminals would attack our facilities during such a time, when we are all working tirelessly and collectively to fight the COVID-19 pandemic." Its sad to see once again how organizations fails to allocate proper budgets to cyber security measures and training which might resulted in this attack. South Africa have been targeted lately by several strong entities resulting successful hacking attacks. --- Cosmetics giant Avon is recovering from a mysterious cyber-security incident that took place last week, on June 8, sources have told ZDNet. The company has filed documents with the US Securities Exchange Commission disclosing the incident on June 9, a day after the company first discovered issues with some of its IT infrastructure. The company said the incident "interrupted some systems and partially affected operations." Last week, Avon distributors reported problems accessing the company's backend, where they usually file new product orders. Issues with accessing the Avon backend have been reported in the UK, Argentina, Brazil, Poland, and Romania. Avon, which is owned by Brazilian multinational Natura &Co, has declined to provide details about the incident to both distributors, and the representatives of the press. An Avon spokesperson could not be contacted for comment, despite repeated attempts over the past two days. Details about the nature of the cyber-attack are still a mystery, but in a second document filed with the SEC on June 12, last Thursday, Avon promised to restore "some of its affected systems in the impacted markets" during this week. rumors on the internet states that the Avon incident is a ransomware attack carried out by the DopplePaymer gang. However,no independent confirmation found. While ago, The operators of the DopplePaymer ransomware have congratulated SpaceX and NASA for their first human-operated rocket launch and then immediately announced that they infected the network of one of NASA's IT contractors. In a blog post published today, the DopplePaymer ransomware gang said it successfully breached the network of Digital Management Inc. (DMI), a Maryland-based company that provides managed IT and cyber-security services on demand. To support their claims, the DopplePaymer operators posted 20 archive files on a dark web portal the group is operating. So maybe there is a good reason for Avon to hide the details about the attack and not disclose ? ----- That’s it for this podcast, stay safe and see you in the next podcast. Don’t forget to visit www.cybercure.ai for the latest podcasts on cyber intelligence.