Bradley Barth SC Media

Bradley Barth

Senior Reporter

Most recent articles by Bradley Barth

Downloads of cracked software distribute ransomware via adware bundles

By

Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…

Google Play boots fake apps that spy on devices’ motion sensor data before dropping Anubis malware

By

A fake currency converter and a phony battery utility program are among the latest fraudulent apps to be expunged from Google Play, according to researchers who discovered they were infecting users with a version of the Anubis banking malware family. Both fraudulent apps employ a crafty technique to determine whether it is safe for them…

Hospital

Cyberattack forces Health Sciences North to place systems on downtime at 24 hospitals

By

A cyberattack on Health Sciences North in Sudbury, Ontario, yesterday has reportedly disrupted multiple systems at 24 of the Canadian health provider’s hospital facilities in the northeastern part of the province. Dominic Giroux, CEO of Health Sciences North, said the virus that caused the incident “is not captured by the current anti-virus tools that are…

Fixed Fortnite flaws could have enabled account takeovers

By

A series of vulnerabilities in the hugely popular online survival game Fortnite could have allowed malicious actors to take over players’ accounts, prompting developer Epic Games to fix the issues before a major incident transpired, according to researchers who discovered the program. Had the flaws been exploited, attackers could have victimized gamers by viewing their…

Click2Gov breach threatens credit card data of Hanover County residents

By

A data breach of an third-party online payment system has compromised the personal information of Hanover County, Virginia, residents. In an official online notification, county officials have disclosed that an unauthorized party stole credit card information processed by the Click2Gov payment portal between Aug. 1, 2018 and Jan. 9, 2019. Exposed information includes customer names,…

Researchers develop proof-of-concept malware for attacking Building Automation Systems

By

Researchers have developed proof-of-concept malware capable of compromising Building Automation Systems after discovering two critical bugs in a BAS programmable logic controller (PLC). Created by experts at ForeScout, the malware exploits both vulnerabilities in combination with several older flaws that were previously known to the public, according to a ForeScout white paper released today in…

Report: Flaws in PremiSys access system could literally open door for physical intruders

By

In a case of cybersecurity converging with physical security, researchers have disclosed four vulnerabilities in IDenticard Corp.’s PremiSys building access control system that attackers could exploit to sneak into restricted locations. In a corporate blog post, Tenable, Inc. reported today its researcher Jimi Sebree discovered the zero-day flaws in September 2018, after which time the company…

U.K. court sentences hacker for Mirai-based DDoS attack against Liberian telecom firm

By

The British man who orchestrated a series of DDoS attacks that disrupted Internet access across the African nation of Liberia in November 2016 has been sentenced to two years and eight months in prison. Daniel Kaye, 30, from Egham, Surrey, pleaded guilty last December of using botnets and stressors to bombard Liberian telecom provider Lonestar…

Ryuk ransomware linked to Emotet and TrickBot trojans; suspicions shift to cybercriminal group

By

Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple U.S. newspapers in late 2018 to the Emotet and TrickBot trojans. In so doing, some analysts have now also shifted blame for the attack from North Korean actors to cybercriminals, possibly from Russia, while others maintain that attribution efforts are premature. Crowdstrike,…

Unhappily ever after: Hospital hacker rescued by Disney cruise ship sentenced to 10 years

By

A man convicted of launching DDoS attacks against two Boston-area health care facilities was sentenced in U.S. District Court on Thursday to 10 years in prison. Martin Gottesfeld, 34, of Somerville, Mass., was found guilty last August of attacking Boston Children’s Hospital and the Wayside Youth & Family Support Network back in 2014. Gottesfeld has…

Next post in Security News