The malware that has disrupted foreign exchange finance company Travelex’s ability to conduct digital transactions since New Year’s Eve has been identified as Sodinokibi ransomware. The malicious encryption software, which operates on a Ransomware-as-a-Service model, may have been delivered via unpatched, vulnerable Pulse Secure VPN servers and it is believed that the attackers are now…
Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…
Google this month reportedly suspended its integrations with Xiaomi-manufactured Internet of Things devices, after one user’s Xiaomi smart camera began showing images from strangers’ homes while the content was being streamed to a Google Nest Hub. As of Jan. 6, Google has restored all of its Assistant devices’ integrations with Xiaomi products, except for the…
Cisco Systems this month issued six security advisories disclosing a total of 12 vulnerabilities the Data Center Network Manager, three of them critical. Designated CVE-2019-15975, CVE-2019-15976 and CVE-2019-15977, the three most serious flaws could enable unauthenticated, remote attackers to bypass authentication measures and execute malicious actions with admin-level privileges. Collectively, the trio of vulnerabilities were…
A researcher has discovered a pair of new Magecart-style web skimmers, each one featuring an evasion technique that’s not typically employed by this breed of malware: steganography and the transfer a data via the WebSocket protocol. The researcher, who uses the handle @AffableKraut, posted his two findings on Twitter last month, prompting the team from…
Foreign exchange financials company Travelex has suspended its UK-based digital services offline since New Year’s Eve, following the discovery of an undisclosed malware program. As of Jan. 3 at 11:30 a.m. ET, the London-based company remains unable to conduct monetary transactions via its website or app. Services are still being conducted manually, however. “We have…
The U.S. Coast Guard last month issued a safety bulletin following a ransomware attack that impaired both the IT systems and industrial control systems of a facility regulated by the Maritime Transportation Security Act (MTSA), and prompted a 30-hour operational shutdown. The ransomware program, identified as Ryuk, was delivered via a phishing email containing a…
The Houston-based steakhouse, restaurant and hospitality company Landry’s, Inc. has advised customers of a point-of-sale malware attack that stole payment card data from an order-entry system used to process kitchen and bar orders. According to a company breach notification, Landry’s food and beverage locations typically use point-of-sale terminals featuring end-to-end encryption technology that protects the…
In the span of five days, reports of two Twitter Android app vulnerabilities have surfaced: one that could cause attackers to view nonpublic account information or control accounts, and another that reportedly allowed a researcher to look up details on 17 million accounts. In a Dec. 20 blog post, Twitter noted that it issued an…
An Emotet banking trojan phishing campaign was spotted using the name of activist Greta Thunberg as a lure to target individuals concerned with climate change. The attackers behind the campaign recently sent out fake invitations to a nonexistent “climate crisis” demonstration supposedly led by the young Swedish activist, who was named Time’s 2019 Person of…
