Saturday, November 17, 2018
Tripwire

Malaysia’s Largest Media Company Allegedly Suffers Ransomware Attack

Malaysia’s largest media company allegedly suffered a ransomware attack that affected its ability to use its in-house email system. Anonymous sources told The Edge Financial Daily that ransomware attackers struck Media Prima Berhad, a media giant which operates businesses...
Tripwire

14 Malware Families Targeting E-Commerce Brands Ahead of Black Friday

Researchers discovered 14 malware families targeting dozens of e-commerce brands just over one week before Black Friday. Kaspersky Lab observed the threats targeting 67 e-commerce brands including 33 consumer apparel sites, eight consumer electronic outlets and three online retail...
Tripwire

Nordstrom Reveals Data Breach, Sensitive Employee Data Exposed

A data breach involving luxury retailer Nordstrom has potentially exposed the personal information of thousands of its employees. The Seattle-based company said the compromised data included employee names, Social Security numbers, dates of birth, checking account and routing numbers,...
Tripwire

Canada Post Leaked Personal Data of 4,500 Cannabis Customers

The Ontario Cannabis Store (OCS) is warning that approximately 4,500 customers had their personal information exposed following a privacy breach involving Canada Post. In a statement on Twitter, the OCS announced on Wednesday that an unauthorized individual was able...
Tripwire

Half a Million People Potentially Affected by Data Breach at Bankers Life

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people. On 25 October 2018, Fortune 1000 company CNO Financial Group, Inc. submitted a report to the Office for Civil Rights’...
Tripwire

HSBC Bank Notifies Customers of Data Breach

HSBC Bank sent a letter to an undisclosed number of customers informing them of a data breach that might have exposed their personal information. The California Attorney General’s Office recently received a template of a letter that HSBC Bank...
Tripwire

Two Firms Fined £220,000 by ICO for Making 600,000 Nuisance Calls

The Information Commissioner’s Office (ICO) fined two firms £220,000 for making more than half a million nuisance calls. On 31 October, the ICO announced its imposition of the fine after two home security firms contacted people registered with the...
Tripwire

Police Raid Illegal Call Centers Linked to CRA Phone Scam

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals. One of the most prevalent scams that seems to persist in both Canada and the United States...
Tripwire

Kraken Ransomware Now Being Distributed by Fallout Exploit Kit

Kraken ransomware recently added the Fallout exploit kit as another means of reaching users and encrypting their information. Working with the Insikt group from Recorded Future, the McAfee Advanced Threat Research team found evidence that the authors of the...
Tripwire

Malware Infection at USGS Traced to Employee’s Habit of Viewing Adult Content

Federal investigators traced a malware infection at the U.S. Geological Survey (USGS) to an employee’s habit of viewing adult content. On 17 October, the Office of Inspector General (OIG) submitted a report in which it revealed its discovery of...
Tripwire

Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University

A New Jersey man received a court order to pay $8.6 million for launching a series of distributed denial-of-service (DDoS) attacks against Rutgers University. On October 26, the U.S. Attorney’s Office for the District of New Jersey announced the...
Tripwire

Files Encrypted by GandCrab Ransomware Can Now Be Decrypted for Free

GandCrab has become one of the most devastating, and hence most successful, ransomware families of 2018. Alongside the Dharma cryptovirus family, GandCrab has enslaved the files of millions of users in a number of active campaigns via several iterations....
Tripwire

ICO Issues £500,000 Fine to Facebook for Cambridge Analytica Data Scandal

The Information Commissioner’s Office (ICO) has issued a fine of £500,000 to Facebook for the the data scandal involving Cambridge Analytica. On 25 October, the ICO confirmed it had issued the fine after notifying Facebook of its intention back...
Tripwire

Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit

Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago. On 23 October, Yahoo said it would pay $50 million...
Tripwire

Indiana National Guard Suffers Ransomware Attack

The Indiana National Guard confirmed that a ransomware attack affected some of its service members’ personal information. On 18 October, the Indiana National Guard said in a statement that ransomware had infected a state-owned, non-military server containing the personally...
SC Magazine

Instagram flaw exposes user passwords

A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users. The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...

Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week

Safer browsing, more bitcoin scams, and the rest of the week's top security news.
The Register

SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more

Plus, why is Kaspersky Lab getting into chess? Roundup  What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
TechRepublic

Is retaining a cybersecurity attorney a good idea for your business?

Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.

Machine Learning Can Create Fake ‘Master Key’ Fingerprints

Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.