Cyber Security Report #10 – 2023
NTT Security’s monthly report on cybersecurity contains three interesting observations.
Ransomware group files complaint against victim organization with the US Securities and Exchange Commission. Ransomware group ALPHV filed a complaint with the US Securities and Exchange Commission accusing an organization it attacked of violating its disclosure requirements for critical incidents.
A shortened URL created by an online service directs customers to a malicious site. On November 9, Inageya Co., Ltd., a supermarket operator, announced that when QR codes on posters and leaflets were scanned, redirection to a malicious site caused the theft of credit card information.
Microsoft’s VS Code tool could reveal passwords. Hackers have traded tools that can collect information about the SFTP plug-in in VS Code, and in some cases it
has been exploited in attacks.