Login

Register

Login

Register

Tag

attack
The crippling ransomware attack on Norsk Hydro may have been a state-backed attempt to disrupt rather than extort money, and as such provides a “blueprint” for how similar future campaigns may work, Dragos has warned. The security vendor’s principal adversary hunter, Joe Slowik, claimed in a new report that the new version of LockerGoga seen...
Read More
Multiple likely state-backed APT groups have been detected exploiting a recently patched Microsoft flaw to target Exchange servers. The vulnerability in question, CVE-2020-0688, was discovered by an anonymous security researcher and reported to Microsoft via Trend Micro’s Zero Day Initiative (ZDI). It was fixed in the February Patch Tuesday update round, but discovered by Volexity...
Read More
UK supermarket giant Tesco is issuing 600,000 customers with new loyalty cards after some accounts were compromised by an unauthorized third party. Although Tesco’s own IT systems were not compromised, it’s believed the hackers used a combo list of breached usernames and passwords sourced from elsewhere and conducted a brute force attack. The supermarket also...
Read More
Unsettling news for anyone who relies on smartphone voice assistants: researchers have demonstrated how these can be secretly activated to make phone calls, take photos, and even read back text messages without ever physically touching the device. Dubbed SurfingAttack by a US-Chinese university team, this is no parlor trick and is based on the ability...
Read More
A Massachusetts power station hit by ransomware is refusing to meet attackers’ financial demands. The Reading Municipal Light Department (RMLD) was targeted on Friday by cyber-criminals hoping to extort money by encrypting data in the station’s computer system. Unfortunately for them, station bosses opted to hire an outside IT consultant to help them deal with...
Read More
Earlier this week, we received a moderately believable Amazon Prime phish via email. The scam had an Account Locked subject line, with a warning that we wouldn’t be able to buy or sell anything via Amazon’s services until we verified our account. To add a bit more fear and urgency, the crooks went on to...
Read More
A proposed class-action lawsuit has been filed against New Jersey’s largest hospital health network over a ransomware attack that happened in December. Threat actors infected the computer systems of Hackensack Meridian Health, causing a system-wide shutdown on December 2. The attack disrupted services at 17 urgent care centers, hospitals, and nursing homes operated by the network.  News...
Read More
The US Department of Homeland Security (DHS) on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days. Fortunately, nothing blew up. The attacker never got control of the facility’s operations, the human-machine interfaces (HMIs) that read and control the facility’s operations were successfully yanked...
Read More
Global facilities company ISS World, headquartered in Denmark, has shuttered most of its computer systems worldwide after suffering what it describes as a “security incident impacting parts of the IT environment.” The company’s website currently shows a holding page, with no clickable links on it: ISS World replaced its website with a static information page....
Read More
A US natural gas facility was forced to shut down operations for two days after becoming infected with commodity ransomware, the Department of Homeland Security (DHS) has revealed. The unnamed “natural gas compression” plant was first targeted with a spear-phishing email, allowing the attacker to access its IT and then pivot to its OT network,...
Read More
A county in the Pacific Northwestern state of Oregon is yet to fully recover from a ransomware attack that happened over a week ago. Cyber-criminals hit Tillamook County in a targeted attack last Wednesday, January 22. As a result, all internal computer systems under the county government, which 250 county employees rely on, went down....
Read More
A Canadian construction company that won military and government contracts worth millions of dollars has suffered a ransomware attack.  General contractor Bird Construction, which is based in Toronto, was allegedly targeted by cyber-threat group MAZE in December 2019. MAZE claims to have stolen 60 GB of data from the company, which landed 48 contracts worth $406m with Canada’s...
Read More
Citrix has issued its first set of patches fixing a nasty vulnerability that’s been hanging over some of its biggest products. The flaw, identified as CVE-2019-19781 on 17 December 2019, affected Citrix’s Application Delivery Controller (ADC) load and application balancer, and the Citrix Gateway Virtual Private Network (VPN) appliance (previously known as the NetScaler ADC...
Read More
An infamous Kremlin-backed hacking group has launched a coordinated phishing campaign aimed at Ukrainian firm Burisma Holdings, in what looks like an attempt to find internal information which could benefit Donald Trump. Security vendor Area 1 claimed the attacks were carried out by the GRU-linked Fancy Bear (APT28) group responsible for stealing and releasing emails...
Read More
New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services. In a paper called SHA-1 is a Shambles, researchers Gaëtan Leurent and Thomas Peyrin have demonstrated a new, powerful attack on the system that could enable attackers to fake digital certificates for as little...
Read More
We’ve got some bad ransomware news, and we’ve got some good, cyberattack-THWARTED! news. First, the bad: over the holiday break, crooks who are so morally bankrupt that they target the organizations that serve children pounced on schools in the US city of Pittsburg, California. On Monday, the superintendent of Pittsburg Unified School District, Janet Schulze,...
Read More
The New Year’s Eve cyber-attack on currency exchange bureau Travelex is disrupting services for UK bank customers.  Travelex took all its systems offline as a precautionary measure after being hit by what it initially described as a “software virus” on December 31. On January 7, the company released a statement fingering the culprit as a type of...
Read More
A US fundraising firm has been forced to close its doors after more than 60 years in business following a crippling ransomware attack in October. The Heritage Company, based in Sherwood, Arkansas, let its 300 employees go just before Christmas, according to local reports. “Unfortunately, approximately two months ago our Heritage servers were attacked by malicious...
Read More
The websites of a major global currency exchange business are still down after a “software virus” struck the firm on New Year’s Eve last week. London-headquartered Travelex, which describes itself as “the world’s leading foreign exchange specialist,” operates online around the world and in airports, as well as supporting travel money services for several high...
Read More
US maritime facilities have been on high alert over the Christmas break after the Coast Guard revealed details of a ransomware-related outage in late December. The bulletin described a recent attack causing widespread operational disruption at a “Maritime Transportation Security Act (MTSA) regulated facility. “Forensic analysis is currently ongoing but the virus, identified as ‘Ryuk’...
Read More
Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW