Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- 5 arrested in Poland for running bulletproof hosting service for cybercrime gangs
August 11, 2023
This week, the Polish Central Cybercrime Bureau (Centralne Biuro Zwalczania Cyberprzestępczości) under the supervision of the Regional Prosecutor’s Office in Katowice (Prokuratura Regionalna w Katowicach) took action against LolekHosted.net, a bulletproof hosting service used by criminals to launch cyber-attacks across the world. Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net ...
- Unknown actor targets power generator with DroxiDat and Cobalt Strike
August 10, 2023
Recently Kaspersky pushed a report about an interesting and common component of the cybercrime malware set – SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, they found a new SystemBC variant deployed to a critical infrastructure target. This time, the proxy-capable backdoor was deployed alongside Cobalt Strike beacons in ...
- Attacker combines phone, email lures into believable, complex attack chain
August 10, 2023
In the course of performing a postmortem investigation of an infected computer, Sophos X-Ops discovered that the attack began with an innocent-sounding phone call. The caller prompted an employee of a Switzerland-based organization to initiate a complex attack chain that compromised the employee’s computer. Sophos Incident Response analysts found that the attackers may have targeted the ...
- JanelaRAT: Repurposed BX Rat Variant Targeting LATAM FinTech
August 10, 2023
In June of 2023, researchers at Zscaler ThreatLabz discovered a threat actor targeting FinTech users in the LATAM region. JanelaRAT involves several tactics, techniques, and procedures (TTPs) such as DLL side-loading, dynamic C2 infrastructure, and a multi-stage attack. The final malware involved in this campaign is a heavily modified variant of BX RAT. Because of this, ...
- Common TTPs of attacks against industrial organizations
August 10, 2023
In 2022 Kaspersky investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems. Based on similarities found between these campaigns and previously researched campaigns (e.g., ExCone, DexCone), including the use of FourteenHi variants, specific TTPs ...
- An overview of the new Rhysida ransomware targeting the Healthcare sector
August 9, 2023
On August 4, 2023, the HHS’ Health Sector Cybersecurity Coordination Center (HC3) released a security alert about a relatively new ransomware called Rhysida (detected as Ransom.PS1.RHYSIDA.SM), which has been active since May 2023. In this blog entry, Trend Micro reaseachers will provide details on Rhysida, including its targets and what they know about its infection ...