Reading Time: ~ 2 min.
Backdoor Found in Children’s Smartwatch
Researchers have discovered that the X4, made by Norwegian
smartwatch seller Xplora,
contains a backdoor that could allow for information to be stolen. The X4 watch
is designed specifically for children with a limited number of capabilities, mostly
for children’s security. The backdoor, however, could allow attackers to take
snapshots, view messages, call records, and access geolocational data from the
wearer. The watches are designed and built in China and it remains unclear who
has access to data created and stored on the devices.
Ransomware Strikes London Borough
The London borough of Hackney
recently fell victim to a ransomware attack, taking several of the council’s
primary services offline. While still little is known about the attack, it’s likely
that encrypted files were also stolen for auctioning to the highest bidder.
Council officials are working with law enforcement to determine the initial
attack vector and information that may have been targeted.
Carnival Reveals Updates to Recent Cyberattack
Nearly two months after a ransomware attack compromised a third-party
vendor for the Carnival
Corporation, the company announced sensitive passenger information has indeed
been exposed. An undetermined number of customers and employees may be affected
across three Carnival cruise lines. With 150,000 employees worldwide, and
upwards of 13 million customers, this data breach could be affect millions of
Ransomware Takes Aim at International Law Firm
International law firm Seyfarth
Shaw has confirmed a ransomware attack targeted their systems over the
weekend. While the extent of the attack remains unclear, several systems were
forced offline after encryption was executed to stop additional spreading. Firm
officials stated that no client information was stolen or illicitly accessed,
but they are still operating without email or a live website. Some systems were
saved from the attack but officials have yet to confirm if customers were
affected by the breach.
Software AG Suffers Major Data Breach
German IoT specialist Software
AG suffered a ransomware attack that was able to exfiltrate significant
amounts of data. Officials have confirmed that, while they have been able to
maintain online services throughout the attack, the malicious downloading of an
unknown amount of sensitive data did take place. The attacking group has not
yet been identified, but other attacks of similar scale have cost companies
anywhere from $20 to $70 million in ransoms for the return of their data.
The post Cyber News Rundown: Child Smartwatch Backdoored appeared first on Webroot Blog.
Reading Time: ~ 2 min.
New Jersey Hospital Pays Massive Ransom
Officials have decided to pay roughly $670,000 in ransom
following a ransomware attack on the University
Hospital in New Jersey. The hospital was likely forced into this decision after
being unable to restore from backups the 240GB of data stolen in the attack on
their systems. It’s not entirely clear what information was stolen, but given the
haste of payment it was likely highly sensitive patient data.
COVID-Related Cyberattacks Target Canadian Companies
A recent survey revealed that over 25% of all Canadian
business organizations had been targeted by a COVID-19-themed
cyberattack since the beginning of the year. Most of the organizations surveyed
also reported seeing a significant rise in overall cyberattacks since the pandemic
began. Worrisome findings also revealed that 38% of organizations surveyed were
unsure if they had fallen victim to any type of cyberattack, which could mean
the amount of customer information for sale on black markets could be
Boom! Mobile Website Compromised
Customer data has been compromised for users of the Boom!
unclear how the unauthorized code got onto the site or how long was active.
Officials for the mobile company have confirmed they do not store payment card
data and that no Boom! Mobile accounts were compromised.
Major Ransomware Attacks Increase Through Q3
Researchers have reported a massive increase in ransomware
attacks in Q3 of 2020, with the Maze group being responsible for 12% of all
attacks. They also reported that Ryuk ransomware variants were responsible for
an average of 20 attacks per week. With the ongoing neglect of cybersecurity in
major corporations, ransomware attacks will likely continue as long as their
authors find them profitable.
Chicago Food Delivery Service Stricken with Data Breach
Nearly 800,000 customer records were compromised following a
data breach at ChowBus,
a Chicago-based food delivery service. With roughly 440,000 unique email
addresses exposed, many individuals are now more susceptible to additional phishing
attacks or identity theft. Fortunately, however, ChowBus does not store payment
card information on its site.
The post Cyber News Rundown: COVID-related Attacks Target Canadian Companies appeared first on Webroot Blog.
Reading Time: ~ 2 min.
Ryuk Shuts Down Universal Health Services
Computer systems for all 400 Universal
Health Services facilities around the globe have reportedly been shut down
following an attack by the Ryuk ransomware group. Ryuk is known for targeting
large organizations, but the healthcare industry has been gaining popularity
among these groups due to high volumes of sensitive information and typically
low levels of security. It’s unknown if the healthcare firm has paid ransoms
for the encrypted data or if they are restoring systems from available backups.
Global Insurance Firm Targeted by Ransomware
The Fortune 500 insurance firm AJG
was forced to take several computer systems offline over the weekend after
identifying a cyber-attack. It’s still unclear which ransomware variant was
responsible for the attack and officials with the firm haven’t revealed if customer
or employee information was stolen. Third-party researchers confirmed multiple AJG
servers, unpatched for a serious vulnerability, could have been the entry point
for the attack.
French Shipping Company Knocked Offline by Ransomware
All computer systems and websites belonging to CMA
CGM, a French shipping giant, were knocked offline by a crippling ransomware
attack. This attack on CMA CGM makes them the fourth international shipping
company to fall victim to a cyberattack, which have proven profitable, in as
many years. The company has verified that the Ragnar Locker ransomware group
was behind the attack, though they have not revealed the ransom asked.
Cyber Attack Forces Swatch to Disconnect Online Services
Though not confirmed by Swatch,
the Swiss watchmaker was reportedly forced to take many of their systems
offline after likely falling victim to a ransomware attack. While the company
did not verify the type of attack, ransomware’s prevalence this year makes it a
likely culprit. Swatch has announced they plan to seek legal action against the
DDoS Attacks See Substantial Rise in 2020
There were over 4.8 million DDoS
attacks during the first half of 2020, a 15% rise over the same period last
year. May alone saw more than 900,000 DDoS attacks, a record for most in a
single month. Ninety percent of these attacks lasted for under an hour, marking
another shift from previous years’ attacks. They have also increased in
complexity, leaving victims and researchers with little time to defend
The post Cyber News Rundown: Ryuk Wreaks Healthcare Havoc appeared first on Webroot Blog.
Reading Time: ~ 2 min.
DHS Announces Massive Increase in LokiBot Attacks
By monitoring and tracking of cyberattacks over 2020, U.S.
Department of Homeland Security (DHS) officials have uncovered a significant
increase in cyberattacks being carried out by LokiBot,
a malicious info-stealer of stored passwords and cryptocurrency information.
The increase in LokiBot attacks can likely be attributed to its ability to
steal credentials from hundreds of applications, and its range of other features
that make it appealing to a wide variety of cyber criminals.
Long Island Hospital Suffers Data Breach
a third-party vendor for a Long Island hospital, may have exposed sensitive
patient information after it suffered a data breach this summer. In a July statement,
Blackbaud revealed personally identifiable information for a number of patients
was stolen but claimed it was destroyed shortly afterwards. Affected patients
have been contacted regarding the breach and stolen information.
Thousands of Customers Exposed in Town Sports Breach
A database containing highly sensitive information belonging
to over 600,000 customers and employees of Town
Sports International was found publicly exposed on the internet. Town
Sports recently filed for bankruptcy and was notified of this breach roughly a
week later. While the company did not publically respond to the findings, the
information secured the following day included everything from physical
addresses to payment card info and other billing data. Past clients of the
fitness chain should be wary of any emails they receive regarding their Town
Global Operation Takes Down Major Dark Web Drug Network
In a major collaboration between Europol and other global
intelligence organizations, 179 individuals across six countries have been
arrested in relation to drug
trafficking through Dark Web markets. Officials also revealed that this
bust allowed them to seize $6.5 million in cash and hundreds of kilograms of
illicit drugs. The operation is another setback for anonymous marketplaces allowing
for the buying and selling of illegal goods and services as law enforcement continues
to target rogue online bazaars.
Data from Over 200 Merchants Leaked in Shopify Breach
Data from at least 200 merchants was compromised after an
internal support employee for Shopify
was found to be stealing data. While the data included only basic contact
information on customers and no payment card or social security info was taken,
officials for Shopify are still working to determine the extent of the theft
and if it has further changed hands. The employees involved with this breach
have since been fired and all access to Shopify systems has been revoked to prevent
The post Cyber News Rundown: LokiBot Attacks Increase appeared first on Webroot Blog.