Monday, September 23, 2019
Tripwire

Over 12,000 WannaCry Variants Detected in the Wild

Security researchers have determined that over 12,000 variants of the WannaCry ransomware family are preying upon users in the wild. Sophos attributed this rise of variants to threat actors taking the original 2017 WannaCry binary and modifying it to...
Tripwire

TFlower Ransomware Targeting Businesses via Exposed RDS

A new crypto-ransomware threat called “TFlower” is targeting corporate environments via exposed Remote Desktop Services (RDS). First discovered in August, the ransomware makes its way onto a corporate network after attackers hack into a machine’s exposed Remote Desktop Services....
Tripwire

Emotet Botnet Returns After Four-Month Hiatus With New Spam Campaign

The actors responsible for the Emotet botnet returned after a four-month period of inactivity with a new malspam campaign. On 16 September, SpamHaus security researcher Raashid Bhat spotted a spate of new spam emails written in Polish or German...
Tripwire

Spam Campaign Targeting German Users with Ordinypt Malware

A new spam campaign is attempting to infect German-speaking users with samples of the destructive Ordinypt malware family. According to Bleeping Computer, the campaign sent spam emails masquerading as a job application from someone named Eva Richter. These messages...
Tripwire

COBALT DICKENS Launched New Phishing Operation against Universities

The COBALT DICKENS threat group stayed busy over the summer by launching a new global phishing operation targeting universities. In July and August 2019, Secureworks’ Counter Threat Unit (CTU) researchers observed COBALT DICKENS using compromised university resources to send...
Tripwire

BEC Scams Cost Victims $26B over a Three-Year Period, Finds FBI

The Federal Bureau of Investigation (FBI) found that business email compromise (BEC) scams cost victims a combined total of $26 billion in losses over a three-year period. On 10 September, the FBI’s Internet Crime Complaint Center (IC3) published a...
Tripwire

District in Rockford Public Schools Confirms Ransomware Attack

A district within the Rockford Public Schools (RPS) system has confirmed it suffered a ransomware attack that affected parts of its network. On 6 September, District 205 of RPS posted a statement on Facebook in which it noted that...
Tripwire

Fake PayPal Website Distributes New Variant of Nemty Ransomware

Digital attackers created a fake PayPal website to distribute samples of a new variant of the Nemty crypto-ransomware family. Security researcher nao_sec uncovered the ransomware variant after they came across a fake PayPal website. This site promised users a...
Tripwire

Unalaska Recovers $2.3 Million Following Phishing Attack

The Alaskan city of Unalaska has recovered approximately $2.3 million after digital fraudsters targeted it with a phishing attack. Erin Reinders, city manager of Unalaska, revealed that the municipality had recovered $2,347,544.43 on 22 August. That amount constituted a...
Tripwire

Ransomware Attackers Demanded $5.3M from City of New Bedford

Digital criminals demanded $5.3 million in ransom from the City of New Bedford, Massachusetts following a ransomware attack. Jon Mitchell, Mayor of New Bedford, explained in a press briefing that the ransom demand came shortly after the City’s Management...
Tripwire

Phishing Campaign Used SharePoint to Bypass Email Perimeter Tech

Security researchers spotted a phishing campaign that used SharePoint to bypass email gateway and other perimeter technologies. Cofense learned of the campaign after it analyzed an attack email sent from a compromised account @independentlegalassessors.co.uk. The email asked the recipient...
Tripwire

Google Expands Scope of One Bug Bounty Program, Launches Another

Google has decided to expand the scope of one of its bug bounty programs as well as launch another security rewards initiative. On 29 August, Android Security & Privacy team members Adam Bacchus, Sebastian Porst, and Patrick Mutchler announced...
Tripwire

Lumber Liquidators Says Malware Attack Didn’t Affect Sensitive Data

Lumber Liquidators revealed that a malware infection on its systems compromised neither its employees’ nor its consumers’ sensitive data. On 27 August, the American hardwood flooring retailer said all but a very small number of stores had regained the...
Tripwire

Joint Effort Neutralized Over 850K Infections of Retadup Worm

A joint investigatory effort neutralized more than 850,000 unique infections of Retadup, a worm known for targeting Windows machines in Latin America. In March 2019, Avast came across an interesting cryptomining payload that arrived with an advanced stealthy process...
Tripwire

Free Decryption Tool Released for Syrk Ransomware

Security researchers have released a decryption tool which victims of Syrk ransomware can use to recover their files for free. Emsisoft found that Syrk arrived with its own decryptor, but the security firm decided to release its own utility...
SC Magazine

Ning Wang – Offensive Security

Ning Wang, CEO, Offensive Security. Why Nominated: Ning Wang is a rising star who has worked to break the boundaries in the security industry, so that people can see that anyone is capable of starting a career in cybersecurity and advancing it –...
SC Magazine

Dani Martínez – IOActive

Dani Martínez, Security Consultant, IOActive. Why nominated: Dani Martínez proved to be a self-starter; beginning his career in IT, he soon developed an interest in cybersecurity and began taking online courses in his spare time. Martínez also dove right in and began a cybersecurity blog...
SC Magazine

Maurice Stebila – Harman, a Samsung Company

Maurice Stebila, Digital Security, Compliance and Privacy Officer, Harman, a Samsung Company. Why nominated: Maurice Stebila has spent more than 30 years in the automotive, manufacturing and financial services industry supporting two of the world’s largest companies – EDS/General Motors and Harman by Samsung...
SC Magazine

Ed Adams – Security Innovation

Ed Adams, President and CEO, Security Innovation. Why Nominated: A highly respected veteran of the cybersecurity industry, Security Innovation CEO Ed Adams has taken on several new leadership roles in the last year or so. Last April, he was named to the board of directors of...
SC Magazine

David Archer – Galois

David Archer, Principal scientist, Galois. Why Nominated: Archer, an advocate for preserving privacy of data even when it’s used in decision-making both within the U.S. at all levels of government as well as internationally, directs research in privacy-preserving information technologies. Profile: David Archer is all...