Traditionally associated with payment card theft, the cybercriminal group FIN6 has expanded its operations to apparently include ransomware attacks using the malicious encryption programs Ryuk and LockerGoga, according to researchers. Investigations by the FireEye Intelligence research team and the company’s Mandiant division have revealed that FIN6’s ransomware activity dates back to July 2018, and has…
Israeli authorities are reportedly investigating a hacker’s claims on Twitter that he successfully breached the country’s voter registry in the days leading up to tomorrow’s 2019 legislative election. Nicknamed DarkCoder, the hacker contended in a Saturday tweet that he stole information on 6 million Israeli voters, even posting a picture displaying victims’ names identity numbers…
Aluminum company Norsk Hydro has already lost as much as $40.6 million since it was attacked by LockerGoga ransomware on March 19, but at least most of its operations are back running at normal capacity, the company said in a news update yesterday. Most of the financial damage, which Hydro estimated at between 300 million…
The Mozilla Foundation yesterday issued a security update for its Thunderbird open-source email client, fixing two critical vulnerabilities involving its IonMonkey JavaScript JIT (just-in-time) compiler. The first of the two flaws, CVE-2019-9810, consists of incorrect alias information when using the Array.prototype.slice method, which could result in a missing bound check and buffer overflow. The second…
The LockerGoga ransomware that’s been targeting industrial and manufacturing companies in early 2019 contains a coding error that could potentially be exploited to stop it from encrypting files, researchers say. The mistake pertains to how the malware handles .lnk file extensions, explains a March 25 blog post from threat management company Alert Logic, whose researchers…
Apple yesterday released software updates for seven of its products, fixing a broad range of vulnerabilities. Altogether, the company addressed 51 flaws in iOS, 38 in macOS Mojave, 36 in tvOS, 20 in iCloud for Windows, 20 in Safari, 18 in iTunes for Windows and one in Xcode. Some of the vulnerabilities overlapped between these…
A PewDiePie fan has taken his admiration of the popular video game commentator a little too far, creating a ransomware designed to increase the YouTube star’s subscriber count. Fortunately, anti-malware company Emsisoft last week announced a new a decryption tool that restores machines infected by the unusual malware, named “PewCrypt.” On its website, Emsisoft describes…
Just days after a ransomware attack disrupted operations at Norwegian aluminium company Norsk Hydro, two U.S.-based chemical companies last Friday disclosed that they were affected by an unspecified network security incident that blocked access to certain IT systems and data. Reports suggest the incidents could be the work of LockerGoga, the same malicious encryption program that…
An academic study of GitHub found that more than 100,000 of the web service’s code repositories contain publicly accessible authentication secrets such as API and cryptographic keys, while thousands of new secrets are leaked each day. North Carolina State University researchers Michael Meli, Matthew McNiece (also from Cisco Systems) and Bradley Reaves detail their findings…
The Oregon Department of Human Services (DHS) was the victim of a phishing campaign earlier this year, resulting in a data breach that reportedly involves the records of up to 1.6 million state residents. According to a March 21 Oregon DHS press release, the incident took place last Jan. 8, when nine separate agency employees…
