Author Archives: David Bisson

The Weather Channel Suffers Ransomware Attack

Local and national weather forecast provider The Weather Channel suffered a ransomware attack that temporarily prevented it from going live on the air. Regular viewers got a surprise when they tuned into The Weather Channel on the morning of 18 April. They were expecting to watch “AMHQ,” the network’s live morning show which begins at […]… Read More

The post The Weather Channel Suffers Ransomware Attack appeared first on The State of Security.

Ransomware Attack Targeted Data Intelligence Firm Verint

Bad actors used a ransomware attack to target the Israeli offices of the customer engagement and digital intelligence company Verint. On 17 April, ZDNet received a screenshot taken by an employee who works at one of Verint’s Israeli offices. The screenshot shows what appears to be a warning message which the data intelligence firm displayed […]… Read More

The post Ransomware Attack Targeted Data Intelligence Firm Verint appeared first on The State of Security.

Navicent Health Discloses Data Breach as the Result of a Digital Attack

Navicent Health, a part of Central Georgia Health System, has disclosed that it suffered a data breach as the result of a digital attack. The second-largest hospital in Georgia and the only regional Level I Trauma Center, Navicent Health explains in a data breach notice that it learned of a digital attack involving some of […]… Read More

The post Navicent Health Discloses Data Breach as the Result of a Digital Attack appeared first on The State of Security.

Spear Phishing Campaign Targeted Ukraine Government Entities

Researchers observed bad actors using a spear phishing campaign to target government entities in Ukraine including military departments. In the beginning of 2019, FireEye Threat Intelligence analyzed an email sent out as part of this campaign. The email used “SPEC-20T-MK2-000-ISS-4.10-09-2018-STANDARD” as its subject line. It also spoofed the sender address so that it appeared to […]… Read More

The post Spear Phishing Campaign Targeted Ukraine Government Entities appeared first on The State of Security.

RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day

The ransom demands imposed by the new “RobbinHood” ransomware family increase $10,000 each day beginning on the fourth day following encryption. The creators of RobbinHood appear to be aiming their attacks at entire networks. When they’ve gained access to a target, they use their ransomware to encrypt as many computers as possible. They then drop […]… Read More

The post RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day appeared first on The State of Security.

MuddyWater Group Using Spam Campaign to Hijack Victims’ Computers

The MuddyWater threat attack group is using a spam campaign to hijack victims’ computers and steal sensitive information. Discovered by Heimdal Security in early April, the campaign begins when malicious actors use social engineering techniques to trick a user into opening a malicious Microsoft Office document attached to a phishing email. The document contains VBA […]… Read More

The post MuddyWater Group Using Spam Campaign to Hijack Victims’ Computers appeared first on The State of Security.

How to Build an Effective ICS Security Program

Industrial control systems (ICS) security is an important concern for businesses in today’s world. Kaspersky Lab is well aware of this fact. It observed as much in its “The State of Industrial Cybersecurity 2018” report when three-quarters of respondents affirmed ICS security to be a top concern for their organization. But the Russian security firm […]… Read More

The post How to Build an Effective ICS Security Program appeared first on The State of Security.

TRITON Framework Leveraged at a Second Critical Infrastructure Facility

Researchers have discovered that malicious actors leveraged the TRITON framework at a second critical infrastructure facility. In this particular attack, the threat actor maintained access to the target corporate networks for nearly a year before gaining access to the Safety Instrumented System (SIS) engineering workstation. They remained relatively quiet all the while as they worked […]… Read More

The post TRITON Framework Leveraged at a Second Critical Infrastructure Facility appeared first on The State of Security.

AeroGrow Discloses Data Breach of Customers’ Payment Card Information

Indoor gardening system manufacturer AeroGrow has disclosed a data breach that involved customers’ payment card information. In a sample data breach notice obtained by the Office of Attorney General for the State of California, AeroGrow senior vice president of finance and accounting Grey H. Gibbs explains that the company learned of the security incident on […]… Read More

The post AeroGrow Discloses Data Breach of Customers’ Payment Card Information appeared first on The State of Security.

Planetary Ransomware Victims Can Now Recover Their Files for Free

Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free. Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It’s not hard to find. Planetary ransomware, which earns its name for its use of planet-related file extensions including […]… Read More

The post Planetary Ransomware Victims Can Now Recover Their Files for Free appeared first on The State of Security.