• Dissecting Modus Operandi And Activities Of Infamous Iranian Hacker Group APT33
    In its recent report, Microsoft has revealed that the infamous APT33, also known as Holmium or Magnallium cybercriminal group, stole data from about 200 companies in the past two years. These Iranian hackers penetrated into systems, businesses, and governments and have caused hundreds of millions of dollars in damages. The Holmium threat actor group has been active since at least 2013.
  • What is Spamdexing and How to Address It?
    Spamdexing is an attempt to manipulate search engine rankings and generate traffic which is used later to fuel a scam designed by bad actors. To do this, threat actors gain access to a normal, healthy website and then inject malicious keywords and links into it.
  • Ukrainian Blackout Malware Spreads Through Dark Web Forums
    Cyber experts at Venafi have found that sophisticated backdoor malware techniques used to cripple Ukrainian power stations in 2015 are being deployed more widely by the black hat community. The malware specifically targets SSH keys designed to secure remote commands for communications between machines.
  • Palm Beach County Potentially Suffered Ransomware Attack Just Before 2016 Presidential Election
    The fact that a Florida county's election office was hit by a ransomware attack weeks before the 2016 US presidential elections came to light in a recent interview. The incident was never made public by the county. Several Florida state and government networks were also hit by ransomware attacks in 2019.
  • BEC Scams Targeting Gift Cards Accounted For 62% Of All Scams Reported In Q3 2019
    According to the latest report from the FBI, an estimated $1.77 billion was lost in 2019 due to BEC scams, also known as EAC (Email Account Compromise) crimes. BEC/EAC is a sophisticated scam that includes highly-personalized emails from a ‘senior executive’ pressuring employees into making wire transfers for fraudulent invoices or gift cards.
  • BEC Scammers Siphoned Off $2.6 Million From Puerto Rico Government
    In a recent phishing scam, attackers targeted Puerto Rico’s Industrial Development Company and swindled more than $2.6 million.
  • Altice USA Hit By Email Scam Leaking Thousands of Employees' and Customers' Data
    A phishing scam hit Altice USA Inc., the provider of Optimum cable television and internet services, exposing the records of all 12,000 current employees as well as some former employees and a small number of customers.
  • BEC Scams Accounted For $1.7 Billion, Half Of Total Cybercrime Losses In 2019: FBI Report
    The FBI's Internet Crime Complaint Center (IC3) released the 2019 Internet Crime Report, revealing estimated cybercrime losses of over $3.5 billion in the year 2019. IC3 received 13,633 Tech Support Fraud complaints from victims residing in 48 countries. A total of 23,775 BEC scam victims accounted for $1.77 billion in losses.
  • A Light at the End of Liberty Reserve’s Demise? — Krebs on Security
    Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim shortly thereafter to see if and when this process might take place. Federal officials charged that Liberty Reserve facilitated a “broad range of criminal activity, including credit card fraud, identity theft, investment fraud, computer hacking, child pornography, and narcotics trafficking.” The government says from 2006 until the service’s takedown, Liberty Reserve processed an estimated 55 million financial transactions worth more than $6 billion, with more than 600,000 accounts associated with users in the United States alone. But he told me the government had recently obtained legal access to some of the funds held in overseas bank accounts that were used by Liberty Reserve, and that IRS investigators were now starting to contact people and vet any claims made in the wake of the takedown. If you filed a monetary claim in response to the Liberty Reserve seizure years back, you may have already been contacted by federal investigators, or you may be soon.
  • PhotoSquared app exposed customer photos and shipping labels
    Popular photo printing app PhotoSquared has exposed thousands of customer photos, addresses and order details. At least 10,000 shipping labels were stored in a public Amazon Web Services (AWS) storage bucket. There was no password on the bucket, allowing anyone who knew the easy-to-guess web address access to the customer data. All too often, these AWS storage buckets are misconfigured and set to “public” and not “private.” The exposed data included high-resolution user-uploaded photos and generated shipping labels, dating back to 2016, and was updating by the day. The exposed storage bucket also had thousands of shipping labels.
  • Hackers Target Massachusetts Police Department Website
    Southwick, Mass., Police Chief Kevin Bishop announced Thursday that the department’s official webpage, www.SouthwickPolice.com, has been taken out of commission. The reason, he said, is that hackers some time ago infected the site with malware — malicious software — that interfered with the site’s operation. In this case, people logging onto the Southwick police site for news and information or police activity and arrest logs would instead be sent to a webpage for an online pharmacy. Bishop said the department tried several times to remove the malware when it was detected around a month ago, but without success. In recent years, the department has established a presence on Facebook and has relied on the social media site to get news and information out to the community, and the website came to be de-emphasized, Bishop said. Bishop used Facebook to report on the demise of SouthwickPolice.com and the reasons why after people in a Southwick community forum page on Facebook complained that the site being disabled showed a lack of communication from the police.
  • Idaho Central Credit Union reports two breaches
    Idaho Central Credit Union has started informing some customers of two data breaches that impacted the financial institution. The first instance cropped up on November 5, 2019 when some suspicious behavior was noted. A breach was confirmed three days later, reported BoiseDev. A data breach notice was sent on February 6, 2020 after a two-month long investigation found the issue stemmed from a third-party mortgage portal used by the credit union’s employees. The information compromised included name, date of birth, Social Security number, financial account information, tax identification number, and information on borrowers, liability, assets, employment, and income, BoiseDev said. The extent of damage created by this breach was not disclosed, but the company said all those affected by both cases have been notified.
  • To Bolster Cybersecurity, the US Should Look to Estonia
    Fast forward to 2019, when General Robert Neller, former commandant of the Marine Corps, said that the Marines would create a new cyber auxiliary, where it’s OK for members to have "purple hair," paving the way to attract, recruit, and retain civilian cyber talent. In 2008 Estonia set up a unit of cyber volunteers composed of average citizens from outside government to protect Estonian cyberspace. Put in place out of need after the 2007 cyber incident, and out of historical precedent, since the voluntary national defense organization, the Estonian Defence League (EDL), has existed since 1918, this unit has endured, but continues to undergo refinements. Within the EDL’s volunteer Cyber Defence Unit, tasks are crisis management exercises and training the public. In August 2018, Estonia also created its Cyber Command, which has caused unstoppable ripple effects throughout the Cyber Defense Unit. The unit, composed of over 200 cyber volunteers, has created two additional regional units.
  • NGILA: No single entity can win the cyber warfare
    During this year’s annual CyberTech Global Conference in Tel Aviv, Israel, which I recently attended, the overarching message was a call for global cooperation in monitoring cyber threats. The attack surface is becoming more complex in the Fourth Industrial Revolution, where the Internet of Things is making the job easier for hackers. Cyber attackers are now using advanced technologies such as Machine Learning (ML) to get unauthorised access to financial and data management systems in banks, government agencies and telcos. Kenya, for instance, lost Sh29 billion from these attacks in 2018, according to consulting agency Serianu, while several government agency websites were hacked last year. That will require online security more than ever. Even the electricity generation and supply systems must take cyber security seriously, using artificial intelligence to secure them in real time. During the Tel Aviv conference, Yiftah Ron-Tal, chairperson of the Israel Electric Corporation board, said 11,000 attacks are launched against power systems every second.
  • US Cyber Command, DHS, and FBI Expose New North Korean Malware
    US Cyber Command, the Department of Homeland Security, and the Federal Bureau of Investigation have exposed today a new North Korean hacking operation. According to the Twitter account of the Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command, the malware is being distributed via a North Korean phishing campaign. US Cyber Command believes the malware is used to provide North Korean hackers with remote access to infected systems in order to steal funds that are later transferred back to North Korea, as a way to avoid economic sanctions. CISA attributed the malware to a North Korean government-backed hacking group known as HIDDEN COBRA. In a screenshot shared with ZDNet, a member of Kaspersky GReAT, Kaspersky's elite hacker-hunting unit, pointed out that the malware samples also shared code with other North Korean malware strains used in past operations -- effectively confirming the CISA/FBI/Cyber Command attribution. Subsequently, US Cyber Command also began uploading malware samples related to North Korean hacking activity -- in August, September, and November 2019.
  • Mentor QSL, LLC Provides Notice of a Payment Card Security Event
    MENTOR, Ohio, Feb. 14, 2020 /PRNewswire/ -- Mentor QSL, LLC, the former independent owner and operator of Quaker Steak & Lube®, Mentor, Ohio ("restaurant"), provides notice of an event that may affect the security of payment card information used by certain customers at this restaurant between July 2, 2019 and July 10, 2019. Mentor QSL, LLC was alerted to unusual activity relating to payment cards that may have been used at this restaurant and immediately began working with third-party forensic investigators to investigate the report. Mentor QSL, LLC encourages customers to remain vigilant against identity theft by reviewing their financial account statements regularly and monitoring their credit reports for suspicious activity. Under U.S. law you are entitled to one free credit report annually from each of the three major credit reporting bureaus. You have the right to place a "security freeze" on your credit report, which will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization.
  • Facebook removes 'foreign interference' operations
    Facebook said both operations acted "on behalf of a government or foreign actor". The small Iranian operation used accounts and personas on Facebook and Instagram to post content about US politics and the 2020 presidential election. In total, 78 Facebook accounts, 11 pages, 29 groups and four Instagram accounts have been removed. According to Graphika, blogs formed "the backbone" of the network, with operators using fake accounts on Facebook and Twitter to target selected audiences with long-form blog posts. (Image caption: This Russian account posed as a journalist at the US-funded Radio Free Europe/Radio Liberty.) The firm also spotted a network of under 40 accounts on Twitter, which in some cases showed "direct overlap" with the accounts on Facebook and Instagram.
  • University of Saskatchewan Hit with Cyberattack
    The University of Saskatchewan was the target of an online denial of service (DoS) attack, becoming the second institution in the province to be hit by cybercrime in as many months. "USask IT security continually monitors our IT services to detect threats and reduce the risk to members of the university community," the University of Saskatchewan said in a statement. "In this instance we were able to detect the threat and isolate the potential for an attack." The U of S noted it continues to introduce new security features "to keep pace with the rapidly changing security environment." Asked what the overall effect of the attack was, the school said the statement is the only comment it would be providing.