Wednesday, December 11, 2019

Data Security Incident Disclosed by Cheyenne Regional Medical Center

Cheyenne Regional Medical Center revealed it’s in the process of notifying patients about a security incident that might have exposed their personal data. On April 12, 2019, Cheyenne Regional Medical Center (CRMC) first discovered suspicious activity involving a small...

Updated Ryuk Ransomware Decryptor Could Damage Larger Files

Attackers provided victims who paid with an updated Ryuk ransomware decryptor that could potentially damage their larger files. Emsisoft found that malicious actors had added numerous new features to Ryuk ransomware over the past year. In a lesser-known case,...

Spotify Phishing Campaign Tells Users that Their Subscriptions Are Frozen

A new Spotify-themed phishing campaign informed recipients that the music streaming service had frozen their subscriptions. On 5 December, MailGuard discovered an email that appeared to come from Spotify. The email itself used the display name “Spotify” along with...

Data Privacy Event Disclosed by Sunrise Community Health

Sunrise Community Health disclosed a data privacy event that might have affected some patients’ personal and medical information. In the fall of 2019, Sunrise Community Health (“Sunshine”) learned of a data privacy incident through which an unauthorized party gained...

ZeroCleare Malware Targeting Energy, Industrial Sectors in Middle East

Researchers have detected a new malware family called “ZeroCleare” that’s targeting the energy and industrial sectors in the Middle East. IBM X-Force Incident Response and Intelligence Services (IRIS) launched an investigation into ZeroCleare and learned that the malware had...

Smith & Wesson Online Store Affected by Magecart Attack

The online store for American gun manufacturer Smith & Wesson fell victim to a Magecart attack that’s designed to steal customers’ payment data. Willem de Groot of Sanguine Security learned that a particular Magecart group had been impersonating his...

DeathRansom Ransomware Fixes Issues, Now Encrypting Victims’ Data

After its developers fixed several issues, DeathRansom ransomware is now actively infecting users and encrypting victims’ data. DeathRansom wasn’t actually crypto-ransomware when attackers first began distributing it. At that time, the threat pretended to encrypt users’ information and appended...

Fullz House Group Using Phishing and Web Skimming to Maximize Profits

A new threat group called “Fullz House” is using both phishing and web skimming in order to maximize the profits of its attacks. Fullz House isn’t new to the threat landscape, but RiskIQ observed that the group had expanded...

Catch Says POS Malware Incident Might Have Exposed Customers’ Data

Catch Hospitality Group revealed that a point-of-sale (POS) malware incident might have exposed some of its customers’ data. The restaurant and catering company launched an investigation and retained the services of a digital forensics firm after detecting unauthorized activity...

T-Mobile Says Security Incident Might Have Affected Some Customer Data

Wireless network operator T-Mobile revealed that a security incident might have exposed the personal information of some of its customers. In a statement posted on its website, T-Mobile said that its security teams had discovered an instance of “malicious,...

Nigerian Fraudster Pulled Off $1M Scam While Serving Prison Term

A convicted Nigerian fraudster earned more than $1 million from a scam that he executed while serving a multi-year prison term. The Economic and Financial Crimes Commission (EFCC) launched an investigation into how Hope Olusegun Aroke had pulled off...

New Decryption Tool Released for Jigsaw Ransomware

Security researchers have released a new decryption tool that could help victims of Jigsaw ransomware recover their affected files for free. In a blog post announcing the new utility, Emsisoft explained that its decryptor can work against 85 extensions...

Macy’s Says Security Incident Might Have Exposed Customers’ Data

Macy’s is notifying customers about a data security incident that might have exposed some of their personal and financial information. The American department chain store said that it first learned of the incident back in mid-October. At that time,...

Phishers Targeting Microsoft Office 365 Admin Credentials

Digital fraudsters are stealing Microsoft Office 365 administrator credentials as part of a broader phishing campaign targeting organizations. The campaign began with a phishing email that leveraged Microsoft and its Office 365 brand to lull recipients into a false...

Phishing Email Instructs Users to Click on “Keep Same Password” Button

Digital fraudsters have launched a new phishing campaign whose attack emails instruct recipients to click on a “Keep same password” button. Bleeping Computer observed that the phishing campaign uses attack emails that arrive with “Account Update” as their subject...
SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...

Trickbot Operators Now Selling Attack Tools to APT Actors

North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
Brian Krebs

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...

Intel Issues Fix for ‘Plundervolt’ SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.

How to stop spam calls right now

Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.