The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info
May 31, 2018
The Nocturnal Stealer malware has crept into the Dark Web like a thief in the night, offering criminals a lucrative payday for a small price — and little effort. It’s a commodity malware, debuting on an underground forum in March for the low price of $25. It steals things, including 28 different kinds of cryptocurrency wallets, ...
- Brazilian Banking Trojan Communicates Via Microsoft SQL Server
May 29, 2018
Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&C) server and a full-screen social-engineering overlay form. Researchers at IBM X-Force research on Tuesday revealed that attackers are using the malware – dubbed MnuBot –mainly in Brazil to perform illegal ...
- VPNFilter Malware Infects 500k Routers Including Linksys, MikroTik, NETGEAR
May 23, 2018
Malware called VPNFilter has infected 500,000 router brands ranging from Linksys, MikroTik, NETGEAR and TP-Link that are mostly used in home offices. Researchers at Cisco Talos said they decided to warn the public of the threat despite the fact the infected devices and malware are still under investigation. Researchers said their investigation into VPNFilter has been ...
- Wicked Botnet Uses Passel of Exploits to Target IoT
May 21, 2018
Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS attacks, which can all ...
- DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide
May 21, 2018
Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. Read more… Source: The ...
- Airports are ill-equipped to deal with a major cyber-attacks
May 16, 2018
The report titled,‘Overcome the Silent Threat’, says that an increasing consumer demand for faster internet and digital engagement with airlines and retailers are providing cyber criminals with more opportunities to attack. According to the latest figures from the European Aviation Safety Agency, there are currently around 1,000 cyber-attacks each month on airport and aviation systems worldwide. Read more… Source: ...