New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

Accellion File Transfer Applications Targeted in New Zealand Central Bank Attack

The New Zealand Central Bank announced that it was the victim of a cyber-attack when unidentified threat actors targeted their infrastructure. One of the data systems for the bank that was breached contained commercial and personal information of their clients. The core operations of the bank were not affected according to the government officials. The bank utilized a third-party company, Accellion File Transfer Applications (FTA), which was breached in mid-December. The bank used the third party to share information with external stakeholders. Accellion released a patch for its vulnerability which was disclosed in December and encouraged all of their customers to update their systems.

Analyst Notes

Breaches in third party software or service providers in any industry pose a security threat for all their customers. Many times, threat actors can use vulnerabilities in third-party applications to target companies that fail to apply patches. The patch was released 72 hours after the vulnerability was disclosed and it is unclear if the bank updated its systems or if the attacker managed to exploit the vulnerability within the 72 hours. Whenever a system that is used by a company finds a vulnerability and pushes a patch to their customer, the system should be updated as soon as it is practical, after any required testing, to ensure the company is protecting themselves to the best of their ability. The type of information affected was not disclosed by the bank in order to not compromise the ongoing investigation, but they did state that commercially and personally sensitive information may have been accessed. Whenever someone is a client of a company that is the victim of an attack that includes breached data, proper precautions should take place. Since bank data was potentially taken in this case, affected parties should begin to watch their credit and bank accounts for fraudulent charges. People should also be aware of other scams that can be carried out after a breach such as phishing campaigns targeting victims.

More can be read here: https://securityaffairs.co/wordpress/113374/hacking/new-zealand-central-bank-attack-accellion.html?web_view=true

Sources: https://www.zdnet.com/article/phishing-warning-these-are-the-brands-most-likely-to-be-impersonated-by-crooks-so-stay-alert/