• Personal data of 16 million Brazilian COVID-19 patients exposed online

    November 26, 2020

    The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among the systems that had credentials exposed were E-SUS-VE and Sivep-Gripe, two government databases used to store data ...

  • Sophos notifies customers of data exposure after database misconfiguration

    November 26, 2020

    UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week. “On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support,” the company said in an email sent to customers and ...

  • Ransomware hits largest US fertility network, patient data stolen

    November 26, 2020

    US Fertility, the largest network of fertility centers in the U.S., says that some of its systems were encrypted in a ransomware attack that affected the company two months ago, in September 2020. The US Fertility (USF) network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its ...

  • Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

    November 26, 2020

    Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. This is a scenario presented by a group of researchers who are exploring why digital home assistants and other sensing systems that use sound commands to perform functions can be hacked by light. The ...

  • Belden networking giant’s company data stolen in cyberattack

    November 25, 2020

    Network device manufacturer Belden was hit with a cyberattack that allowed threat actors to steal files containing information about employees and business partners. Belden is a US-based manufacturer of network connectivity devices, including routers, firewalls, switches, cabling, and connectors. Belden generated $2.5 billion in revenue for 2019 and employs approximately 9,000 people. Read more… Source: Bleeping Computer  

  • Baltimore County Public Schools hit by ransomware attack

    November 25, 2020

    Baltimore County Public Schools has been hit today by a ransomware attack that led to a systemic shutdown of its network due to the number of systems impacted in the attack. The Baltimore County school district manages all public schools in Baltimore County, Maryland, and is the 25th largest U.S. school system. Read more… Source: Bleeping Computer  

  • Three arrested as INTERPOL, Group-IB and the Nigeria Police Force disrupt prolific cybercrime group

    November 25, 2020

    Three suspects have been arrested in Lagos following a joint INTERPOL, Group-IB and Nigeria Police Force cybercrime investigation. The Nigerian nationals are believed to be members of a wider organized crime group responsible for distributing malware, carrying out phishing campaigns and extensive Business Email Compromise scams. The suspects are alleged to have developed phishing links, domains, ...

  • Navigating Gray Clouds – The Importance of Visibility in Cloud Security

    November 23, 2020

    The cloud is the digital world’s ground zero for transformation, innovation, and agility. Its vastness and power enable enterprises and organizations to keep up with high-resource demands and allow them to access mission-critical data anytime, anywhere. With 85% of businesses worldwide using the cloud to store large amounts of information, it has proven its imperative value, ...

  • Botnets have been silently mass-scanning the internet for unsecured ENV files

    November 21, 2020

    Drawing little attention to themselves, multiple threat actors have spent the past two-three years mass-scanning the internet for ENV files that have been accidentally uploaded and left exposed on web servers. ENV files, or environment files, are a type of configuration files that are usually used by development tools. Frameworks like Docker, Node.js, Symfony, and Django use ...

  • New Grelos Skimmer Variants Siphon Credit Card Data

    November 20, 2020

    Just as seasonal online shopping kicks into high gear, new variants of the point-of-sale Grelos skimmer malware have been identified. Variants are targeting the payment-card data of online retail shoppers on dozens of compromised websites, researchers warn. The Grelos skimmer malware has been around since 2015, and its original version is associated with what are called ...

  • IT threat evolution Q3 2020

    November 20, 2020

    IT threat evolution Q3 2020 Mobile statistics The statistics presented here draw on detection verdicts returned by Kaspersky products and received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, the third quarter saw: 1,189 797 detected malicious installers, of which 39,051 packages were related to mobile banking trojans; 6063 packages proved to be mobile ...

  • New Mount Locker Ransomware Version Targeting TurboTax Files

    November 20, 2020

    A new version of the Mount Locker crypto-ransomware strain is specifically targeting victims’ TurboTax files. As reported by Bleeping Computer, Advanced Intel’s Vitali Kremez came across a new Mount Locker sample that specifically sought out files used by the TurboTax tax preparation software. In particular, Kremez observed the sample going after files bearing the “.tax,” “.tax2009,” “.tax2013” ...

  • Weaponizing Open Source Software for Targeted Attacks

    November 20, 2020

    Trojanized open-source software is tricky to spot. This is because it takes on the façade of legitimate, non-malicious software, making it especially stealthy and useful for targeted attacks. However, a closer investigation can reveal suspicious behavior that exposes their malicious intent. How are open-source software trojanized? How can we detect them? To answer these questions, let ...

  • QBot partners with Egregor ransomware in bot-fueled attacks

    November 20, 2020

    The Qbot banking trojan has dropped the ProLock ransomware in favor of the Egregor ransomware who burst into activity in September. Qbot, otherwise known as QakBot or QuakBot, is Windows malware that steals bank credentials, Windows domain credentials, and provides remote access to threat actors who install ransomware. Victims usually become infected with Qbot through phishing emails ...

  • The UK’s new offensive cyber unit takes on organised crime and hostile states

    November 19, 2020

    A new offensive force made up of spies, cyber experts and the members of the military is already conducting cyber operations to disrupt hostile state activities, terrorists and criminals, the UK government has revealed. The new group – known as the National Cyber Force – aims to tackle threats to the UK’s national security such as ...

  • Android chat app with 100 million installs exposes private messages

    November 19, 2020

    GO SMS Pro, an Android instant messaging application with over 100 million installs, is publicly exposing private multimedia files shared between its users. By abusing a flaw in the app, unauthenticated attackers can gain access to private voice messages, videos, and photos shared by GO SMS Pro users as Trustwave security researchers discovered three months ago. The ...

  • Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack

    November 19, 2020

    Researchers have uncovered a new attack that lets bad actors snoop in on homeowners’ private conversations – through their robot vacuums. The vacuums, which utilize smart sensors in order to autonomously operate, have gained traction over the past few years. The attack, called “LidarPhone” by researchers, in particular targets vacuums with LiDAR sensors, as the name ...

  • Egregor Ransomware Attack Hijacks Printers to Spit Out Ransom Notes

    November 19, 2020

    So, you’re a ransomware gang and you want to ensure that you have caught the attention of your latest corporate victim. You could simply drop your ransom note onto the desktop of infected computers, informing the firm that their files have been encrypted. Too dull? You could lock infected PCs and display a ghoulish skull on a bright ...

  • Huge U.K. Defense Spending Boost Funds Cyber Force, Space Command And AI

    November 19, 2020

    U.K. Prime Minister Boris Johnson announced on Wednesday evening that the Ministry of Defence would receive an extra £16.5 bn / $21.8bn over the next four years. This is the largest investment in defense for 30 years and is on top of already agreed increases in spending. Johnson said that the massive increase was justified despite ...

  • Advanced Threat predictions for 2021

    November 19, 2020

    Trying to make predictions about the future is a tricky business. However, while we don’t have a crystal ball that can reveal the future, we can try to make educated guesses using the trends that we have observed over the last 12 months to identify areas that attackers are likely to seek to exploit in ...