HackDig : Dig high-quality web security articles for hackers

German Hospital Hit by Ransomware, Patient Dies After Being Redirected

A patient died after being redirected to another medical facility as the result of a German hospital having suffered a ransomware infection.On September 17, the Associated Press reported that a woman who needed urgent medical attention died after being transferred from University Hospital of Düsseldorf (Universitätsklinikum Düsseldorf) to a facility in anoth
Publish At:2020-09-18 07:50 | Read:126 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Hospita

Maze Gang Distributed Ransomware Payload Inside VM

The gang responsible for the Maze ransomware family conducted an attack in which they distributed their malware payload inside of a virtual machine (VM).Sophos’ Managed Threat Response (MTR) observed the technique in action while investigating an attack that occurred back in July 2020.In that incident, the attackers packaged the ransomware payload inside of
Publish At:2020-09-17 16:40 | Read:143 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Maze ra

New Smishing Campaign Using USPS as Its Disguise

A new SMS-based phishing (“smishing”) campaign is using the United States Postal Service (USPS) as a disguise to target mobile users.On September 15, SlickRockWeb CEO Eric JN Eliason tweeted out two examples of the operation.Both attack SMS messages claimed to contain important information about a USPS package. Using that lure, they attempted to
Publish At:2020-09-16 09:24 | Read:160 | Comments:0 | Tags:IT Security and Data Protection Latest Security News smishin

Security Incident at VA Exposed 46K Veterans’ Information

The Office of Management at the U.S. Department of Veterans Affairs (VA) disclosed a security incident involving the personal data of 46,000 veterans.The VA detailed the data breach in a statement published on its website on September 14.According to this press release, the VA’s Financial Services Center (FSC) discovered that unauthorized actors had ac
Publish At:2020-09-15 09:56 | Read:151 | Comments:0 | Tags:IT Security and Data Protection Latest Security News data br

Over 18K COVID-19 Patients’ Data Mistakenly Exposed by NHS Trust

A National Health Service (NHS) Trust revealed that it had mistakenly uploaded the personal information of over 18,000 people who had previously tested positive for coronavirus 2019 (COVID-19).On September 14, Public Health Wales announced in a web statement that the data breach had occurred back on the afternoon of August 30, 2020.This notice explained that
Publish At:2020-09-14 18:18 | Read:108 | Comments:0 | Tags:IT Security and Data Protection Latest Security News COVID-1

CISA Warns Election-Related Entities to Be on Watch for Phishing Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned election-related entities to be on the lookout for phishing attacks.In an insight piece published on September 10, CISA highlighted malicious actors’ preference for phishing attacks in their efforts to target political parties, think tanks and other entities that might be involved
Publish At:2020-09-11 08:10 | Read:165 | Comments:0 | Tags:IT Security and Data Protection Latest Security News CISA el

O365 Phishing Attack Used Real-Time Validation against Active Directory

A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials.According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world’s Top 50 most innovative companies for 2019 on a Friday evening.The email used s
Publish At:2020-09-10 12:42 | Read:73 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Active

Pakistani Electric Supply Company Struck by Netwalker Ransomware

An electric supply company based in Karachi, Pakistan suffered a Netwalker ransomware infection that disrupted its billing and online services.Bleeping Computer learned of the attack through Ransom Leaks, a ransomware researcher who received word from a local Pakistani company that the attack was affecting K-Electric’s internal services.According to Re
Publish At:2020-09-09 09:14 | Read:134 | Comments:0 | Tags:IT Security and Data Protection Latest Security News K-Elect

DoppelPaymer Gang Claims Responsibility for Newcastle University Issues

The DoppelPaymer ransomware gang claimed responsibility for a digital security incident that affected Newcastle University’s network and systems.In a news release published on its website, Newcastle University revealed that it had begun experiencing issues with several of its IT systems on August 30.Those issues rendered all services inoperable except
Publish At:2020-09-08 17:36 | Read:123 | Comments:0 | Tags:IT Security and Data Protection Latest Security News DoppelP

Targeted Company’s Homepage Used in Message Quarantine Phish

Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign.The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company’s IT department.The emai
Publish At:2020-09-04 11:58 | Read:152 | Comments:0 | Tags:IT Security and Data Protection Latest Security News email m

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program.On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for the purpose
Publish At:2020-09-03 16:25 | Read:148 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Bug Bou

Former AlphaBay Moderator Sentenced to 11 Years in Prison

A Colorado man received a prison sentence of 11 years for having served as a moderator on the AlphaBay underground marketplace.U.S. District Court Judge Dale A. Drozd handed down the sentence to Bryan Connor Herrell (known as “Penissmith” and “Botah” online), 26, of Aurora, Colorado on September 1, 2020.According to court documents, Herrell had acted as a mo
Publish At:2020-09-02 09:13 | Read:164 | Comments:0 | Tags:IT Security and Data Protection Latest Security News AlphaBa

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks.For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By contrast, d
Publish At:2020-09-01 16:00 | Read:170 | Comments:0 | Tags:IT Security and Data Protection Latest Security News BEC gif

Emotet Switches to ‘Red Dawn’ Template in Weaponized Word Documents

Researchers observed that the Emotet gang had incorporated a new “Red Dawn” template into their weaponized Word Documents delivered to users.Until recently, Emotet’s handlers had been targeting users with a iOS-themed document template for their malicious Word documents.The template explained that a sender had created the document on iOS, a
Publish At:2020-08-31 14:20 | Read:232 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Emotet

North Korea’s BeagleBoyz Resumes International Attacks Targeting Banks

North Korea’s BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs.On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Comma
Publish At:2020-08-27 08:41 | Read:166 | Comments:0 | Tags:IT Security and Data Protection Latest Security News BeagleB

Tools

Tag Cloud