A passenger railroad service announced that a data breach might have affected some passengers’ personally identifiable information (PII). In a “Notice of Data Breach” letter sent to the Attorney General’s Office of Vermont, Amtrak revealed that it had discovered the data breach on April 16 2020. Amtrak looked into the matter and discovered that an […]… Read More
The post Passenger Railroad Service Says Data Breach Might Have Affected PII appeared first on The State of Security.
The U.S. National Security Agency (NSA) warned that the Sandworm team is exploiting a vulnerability that affects Exim Mail Transfer Agent (MTA) software. In a cybersecurity advisory published on May 28, the NSA revealed that the Sandworm team has been exploiting the Exim MTA security flaw since August 2019. The vulnerability (CVE-2019-10149) first appeared in […]… Read More
The post Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent appeared first on The State of Security.
Security researchers witnessed the deployment of PonyFinal ransomware at the end of extended human-operated attack campaigns. In a series of tweets, Microsoft Security Intelligence revealed it had observed human-operated campaigns laying in wait for the right moment to deploy PonyFinal ransomware as their final payload. In their operations, the attackers used brute force attacks against […]… Read More
The post PonyFinal Ransomware Delivered by Extended Human-Operated Attacks appeared first on The State of Security.
A new ransomware family called “[F]Unicorn” masqueraded as a COVID-19 contact tracing app in order to target Italian users. On May 25, the the Computer Emergency Response Team (CERT) from the Agency for Digital Italy (AgID) revealed in an advisory that it had received a sample of [F]Unicorn from security researcher JamesWT_MHT. The sample analyzed […]… Read More
The post [F]Unicorn Ransomware Masquerading as COVID-19 Contact Tracing App appeared first on The State of Security.
The post Updated AnarchyGrabber Steals Passwords, Spreads to Discord Friends appeared first on The State of Security.
A hacking group claimed that it developed a new ransomware strain called “MilkanVictory” for the purpose of attacking scammers. Collectively known as “CyberWare,” the group announced their creation on Twitter in mid-May. This is a ransomware i made to send to scammers. MAY I ASK WHY YOU ARE MAKING THINGS ABOUT ANTI-SCAMMER RANSOMWRE — CyberWare […]… Read More
The post MilkmanVictory Ransomware Created for Purpose of Attacking Scammers appeared first on The State of Security.
Security researchers discovered that the Scattered Canary group had filed hundreds of fraudulent unemployment claims in the wake of COVID-19. According to Agari Cyber Intelligence Division, at least some of the threat actors who took part in a large-scale fraud campaign targeting dozens of states’ unemployment insurance programs belonged to a Nigerian digital crime group […]… Read More
The post Scattered Canary Behind Hundreds of Fraudulent Unemployment Claims appeared first on The State of Security.
The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer percentages of […]… Read More
The post Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals appeared first on The State of Security.
British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information. On May 19, easyJet issued a “Notice of cyber security incident” in which it revealed that it had fallen victim to a digital attack from a “highly sophisticated source.” An investigation revealed that those responsible for the security […]… Read More
The post Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident appeared first on The State of Security.
Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and other private data. Jordan Abudayyeh, a spokesperson for Illinois Governor J. B. Pritzer, sent a statement to WBEZ on May 16. In it, she revealed that the Illinois Department of […]… Read More
The post ‘Glitch’ in Illinois’ PUA System Blamed for Exposing SSNs, Private Data appeared first on The State of Security.
A middleman organization in the United Kingdom’s power grid network suffered a digital attack that affected its internal IT systems. Electricity trading arrangements provider Elexon publicly disclosed the attack in a bulletin posted to its website on May 14: We are advising you that today that ELEXON’s internal IT systems have been impacted by a […]… Read More
The post UK Power Grid Network Middleman Struck by Digital Attack appeared first on The State of Security.
The United States Marshals Service announced a data breach involving the personal information of its former and current prisoners. In a data breach notification letter obtained by ZDNet, the U.S. Marshals Service revealed that it had first learned of the security incident in late 2019. On December 30, 2019, the United States Marshals Service (USMS), […]… Read More
The post U.S. Marshals Announced Data Breach of Prisoners’ Information appeared first on The State of Security.
Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) along with the United Kingdom’s National Cyber Security Centre (NCSC) published a joint alert in which they revealed that they had witnessed APT actors targeting […]… Read More
The post COVID-19 Scam Roundup – May 11, 2020 appeared first on The State of Security.
Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malware family targeting entire corporate networks. Shortly after this discovery, the threat quieted down. It produced few new detected infections in the […]… Read More
The post Spike in Snake Ransomware Activity Attributed to New Campaign appeared first on The State of Security.
The Financial Industry Regulatory Authority (FINRA) warned that digital fraudsters are impersonating it in an ongoing phishing email campaign. In a regulatory notice published on its website, FINRA revealed that malicious actors had sent out fraudulent emails in which they had impersonated officers at the regulatory authority including Bill Wollman and Josh Drobnyk. All of […]… Read More
The post Digital Fraudsters Masquerading as FINRA in Phishing Emails appeared first on The State of Security.
The Ryuk and Sodinokibi ransomware families both contributed to an increase in the ransom amounts demanded by attackers over the past quarter. Coveware found that the average ransom amount demanded by ransomware attacks in Q1 2020 was $111,605. This amount was a third higher than what it had been in the final quarter of the […]… Read More
The post Increase in Ransomware Demand Amounts Driven by Ryuk, Sodinokibi appeared first on The State of Security.
Malicious actors continue to abuse coronavirus 2019 (COVID-19) as a lure to profit off of innocent people. Indeed, Arkose Labs found that 26.5% of all transactions recorded in Q1 2020 were fraud and abuse attempts—a 20% increase over the previous quarter and the highest attack rate ever observed by the security firm’s researchers. It’s therefore […]… Read More
The post COVID-19 Scam Roundup – May 4, 2020 appeared first on The State of Security.
Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their […]… Read More
The post Phishers Increasingly Incorporating reCaptcha API into Campaigns appeared first on The State of Security.