85% of COVID-19 tracking apps leak data
https://www.helpnetsecurity.com/2020/09/30/covid-19-tracking-apps-leak-data/
Excerpt:
“71% of healthcare and medical apps have at least one serious vulnerability that could lead to a breach of medical data, according to Intertrust. The report investigated 100 publicly available global mobile healthcare apps across a range of categories—including telehealth, medical device, health commerce, and COVID-tracking—to uncover the most critical mHealth app threats.”
Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data
Charlie Osborne
https://www.zdnet.com/article/nevada-school-district-refuses-to-submit-to-ransomware-blackmail-hacker-responds-by-publishing-student-data/
Excerpt:
“A cybercriminal has published private data belonging to thousands of students following a failed attempt to extort a ransomware payment from a Nevada school district.”
Major hospital system hit with cyberattack, potentially largest in U.S. history
Kevin Collier
https://www.nbcnews.com/tech/security/cyberattack-hits-major-u-s-hospital-system-n1241254
Excerpt:
“A major hospital chain has been hit by what appears to be one of the largest medical cyberattacks in United States history.”
REvil ransomware deposits $1 million in hacker recruitment drive
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/revil-ransomware-deposits-1-million-in-hacker-recruitment-drive/
Excerpt:
“The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.”
Mount Locker ransomware joins the multi-million dollar ransom game
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-joins-the-multi-million-dollar-ransom-game/
Excerpt:
“A new ransomware operation named Mount Locker is underway stealing victims' files before encrypting and then demanding multi-million dollar ransoms. Starting around the end of July 2020, Mount Locker began breaching corporate networks and deploying their ransomware.”
Hackers leak details of 1,000 high-ranking Belarus police officers
Catalin Cimpanu
https://www.zdnet.com/article/hackers-leak-details-of-1000-high-ranking-belarus-police-officers/
Excerpt:
“A group of hackers has leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations.”
Anonymous Site Ramps Up 'Doxxing' Campaign Against HK Activists
AFP
https://www.securityweek.com/anonymous-site-ramps-doxxing-campaign-against-hk-activists
Excerpt:
“Since her personal phone number was posted online, Hong Kong pro-democracy activist Carol Ng has received menacing calls from strangers and been bombarded with messages calling her a "cockroach". She is not alone. A sophisticated and shady website called HK Leaks has ramped up its "doxxing" -- where people's personal details are published online -- of Hong Kong political activists, targeting those it says have broken a sweeping new national security law.”
Breach of COVID-19 Test Data Undermines Pandemic Response
Mathew J. Schwartz
https://www.bankinfosecurity.com/blogs/breach-covid-19-test-data-undermines-pandemic-response-p-2938
Excerpt:
“What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less trust in their public health system to handle the crisis, potentially leading to lower compliance with essential government guidance and undercutting efforts to eradicate the outbreak.”
U.S. Charges Hackers for Defacing Sites in Response to Killing of Qasem Soleimani
Eduard Kovacs
https://www.securityweek.com/us-charges-hackers-defacing-sites-response-killing-qasem-soleimani
Excerpt:
“The United States on Tuesday announced charges against two men from Iran and Palestine accused of defacing websites in response to the killing of Qasem Soleimani.”
Data Breach Hits 46,000 US Veterans
Phil Muncaster
https://www.infosecurity-magazine.com/news/data-breach-hits-46000-us-veterans/
Excerpt:
“Tens of thousands of US veterans have had their personal information illegally accessed in a data breach incident announced on Monday. The US Department of Veterans Affairs (VA) Office of Management revealed that 46,000 veterans had been affected by the incident.”
Magento stores hit by largest automated hacking attack since 2015
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/magento-stores-hit-by-largest-automated-hacking-attack-since-2015/
Excerpt:
“In the largest automated hacking campaign against Magento sites, attackers compromised almost 2,000 online stores this weekend to steal credit cards. Adobe Magento is a popular eCommerce platform that allows web sites to quickly create an online store to sell their products and accept credit cards.”
CIRWA Project tracks ransomware attacks on critical infrastructure
Pierluigi Paganini
https://securityaffairs.co/wordpress/108225/malware/cirwa-ransomware-critical-infrastructure.html
Excerpt:
“A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide.”
Nine out of ten IT pros have experienced a data breach
https://www.helpnetsecurity.com/2020/09/10/nine-out-of-ten-it-pros-have-experienced-a-data-breach/
Excerpt:
“Exonar, has today published research revealing that 94 percent of IT pros have experienced a data breach, and an overwhelming majority (79 percent) are worried that their current organization could be next.”
What happens to funds once they have been stolen in a cyberattack?
https://www.helpnetsecurity.com/2020/09/09/what-happens-to-funds-once-they-have-been-stolen-in-a-cyberattack/
Excerpt:
“SWIFT and BAE Systems published a report that describes the complex web of money mules, front companies and cryptocurrencies that criminals use to siphon funds from the financial system after a cyber attack.”
Ransomware hackers shut down Argentina’s borders, demand $4M BTC
Turner Wright
https://cointelegraph.com/news/ransomware-hackers-shut-down-argentinas-borders-demand-4m-btc
Excerpt:
“Government officials in Argentina are refusing to negotiate with a ransomware group that forced them to briefly close all immigration checkpoints on Aug. 27. According to a Sept. 6 report on Bleeping Computer, a group of Netwalker ransomware hackers breached Argentina's immigration agency, Dirección Nacional de Migraciones, on Aug. 27 and initially demanded a $2 million payment to restore its servers.”
Chilean bank BancoEstado hit by REVil ransomware
Pierluigi Paganini
https://securityaffairs.co/wordpress/108014/cyber-crime/bancoestado-ransomware.html
Excerpt:
“Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations.”
Digital Education: The cyberrisks of the online classroom
Kaspersky
https://securelist.com/digital-education-the-cyberrisks-of-the-online-classroom/98380/
Excerpt:
“This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures.”
Hackers Attack Norway's Parliament
AFP
https://www.securityweek.com/hackers-attack-norways-parliament
Excerpt:
“Norway's parliament said Tuesday it had been the target of a "vast" cyber attack that enabled hackers to access the emails of some lawmakers. The hackers' identities were not immediately known.”
Read full article
https://www.helpnetsecurity.com/2020/09/30/covid-19-tracking-apps-leak-data/
Excerpt:
“71% of healthcare and medical apps have at least one serious vulnerability that could lead to a breach of medical data, according to Intertrust. The report investigated 100 publicly available global mobile healthcare apps across a range of categories—including telehealth, medical device, health commerce, and COVID-tracking—to uncover the most critical mHealth app threats.”
Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data
Charlie Osborne
https://www.zdnet.com/article/nevada-school-district-refuses-to-submit-to-ransomware-blackmail-hacker-responds-by-publishing-student-data/
Excerpt:
“A cybercriminal has published private data belonging to thousands of students following a failed attempt to extort a ransomware payment from a Nevada school district.”
Major hospital system hit with cyberattack, potentially largest in U.S. history
Kevin Collier
https://www.nbcnews.com/tech/security/cyberattack-hits-major-u-s-hospital-system-n1241254
Excerpt:
“A major hospital chain has been hit by what appears to be one of the largest medical cyberattacks in United States history.”
REvil ransomware deposits $1 million in hacker recruitment drive
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/revil-ransomware-deposits-1-million-in-hacker-recruitment-drive/
Excerpt:
“The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.”
Mount Locker ransomware joins the multi-million dollar ransom game
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-joins-the-multi-million-dollar-ransom-game/
Excerpt:
“A new ransomware operation named Mount Locker is underway stealing victims' files before encrypting and then demanding multi-million dollar ransoms. Starting around the end of July 2020, Mount Locker began breaching corporate networks and deploying their ransomware.”
Hackers leak details of 1,000 high-ranking Belarus police officers
Catalin Cimpanu
https://www.zdnet.com/article/hackers-leak-details-of-1000-high-ranking-belarus-police-officers/
Excerpt:
“A group of hackers has leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations.”
Anonymous Site Ramps Up 'Doxxing' Campaign Against HK Activists
AFP
https://www.securityweek.com/anonymous-site-ramps-doxxing-campaign-against-hk-activists
Excerpt:
“Since her personal phone number was posted online, Hong Kong pro-democracy activist Carol Ng has received menacing calls from strangers and been bombarded with messages calling her a "cockroach". She is not alone. A sophisticated and shady website called HK Leaks has ramped up its "doxxing" -- where people's personal details are published online -- of Hong Kong political activists, targeting those it says have broken a sweeping new national security law.”
Breach of COVID-19 Test Data Undermines Pandemic Response
Mathew J. Schwartz
https://www.bankinfosecurity.com/blogs/breach-covid-19-test-data-undermines-pandemic-response-p-2938
Excerpt:
“What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less trust in their public health system to handle the crisis, potentially leading to lower compliance with essential government guidance and undercutting efforts to eradicate the outbreak.”
U.S. Charges Hackers for Defacing Sites in Response to Killing of Qasem Soleimani
Eduard Kovacs
https://www.securityweek.com/us-charges-hackers-defacing-sites-response-killing-qasem-soleimani
Excerpt:
“The United States on Tuesday announced charges against two men from Iran and Palestine accused of defacing websites in response to the killing of Qasem Soleimani.”
Data Breach Hits 46,000 US Veterans
Phil Muncaster
https://www.infosecurity-magazine.com/news/data-breach-hits-46000-us-veterans/
Excerpt:
“Tens of thousands of US veterans have had their personal information illegally accessed in a data breach incident announced on Monday. The US Department of Veterans Affairs (VA) Office of Management revealed that 46,000 veterans had been affected by the incident.”
Magento stores hit by largest automated hacking attack since 2015
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/magento-stores-hit-by-largest-automated-hacking-attack-since-2015/
Excerpt:
“In the largest automated hacking campaign against Magento sites, attackers compromised almost 2,000 online stores this weekend to steal credit cards. Adobe Magento is a popular eCommerce platform that allows web sites to quickly create an online store to sell their products and accept credit cards.”
CIRWA Project tracks ransomware attacks on critical infrastructure
Pierluigi Paganini
https://securityaffairs.co/wordpress/108225/malware/cirwa-ransomware-critical-infrastructure.html
Excerpt:
“A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide.”
Nine out of ten IT pros have experienced a data breach
https://www.helpnetsecurity.com/2020/09/10/nine-out-of-ten-it-pros-have-experienced-a-data-breach/
Excerpt:
“Exonar, has today published research revealing that 94 percent of IT pros have experienced a data breach, and an overwhelming majority (79 percent) are worried that their current organization could be next.”
What happens to funds once they have been stolen in a cyberattack?
https://www.helpnetsecurity.com/2020/09/09/what-happens-to-funds-once-they-have-been-stolen-in-a-cyberattack/
Excerpt:
“SWIFT and BAE Systems published a report that describes the complex web of money mules, front companies and cryptocurrencies that criminals use to siphon funds from the financial system after a cyber attack.”
Ransomware hackers shut down Argentina’s borders, demand $4M BTC
Turner Wright
https://cointelegraph.com/news/ransomware-hackers-shut-down-argentinas-borders-demand-4m-btc
Excerpt:
“Government officials in Argentina are refusing to negotiate with a ransomware group that forced them to briefly close all immigration checkpoints on Aug. 27. According to a Sept. 6 report on Bleeping Computer, a group of Netwalker ransomware hackers breached Argentina's immigration agency, Dirección Nacional de Migraciones, on Aug. 27 and initially demanded a $2 million payment to restore its servers.”
Chilean bank BancoEstado hit by REVil ransomware
Pierluigi Paganini
https://securityaffairs.co/wordpress/108014/cyber-crime/bancoestado-ransomware.html
Excerpt:
“Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations.”
Digital Education: The cyberrisks of the online classroom
Kaspersky
https://securelist.com/digital-education-the-cyberrisks-of-the-online-classroom/98380/
Excerpt:
“This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures.”
Hackers Attack Norway's Parliament
AFP
https://www.securityweek.com/hackers-attack-norways-parliament
Excerpt:
“Norway's parliament said Tuesday it had been the target of a "vast" cyber attack that enabled hackers to access the emails of some lawmakers. The hackers' identities were not immediately known.”
Read full article