The Dutch National High-Tech Crime Unit (NHTCU) arrested a 20-year-old Utrecht, Netherlands man, alleging he is the creator and distributor of a macro toolkit that has enabled cybercriminals to send phishing emails with malicious Office document attachments. The man, who was not named but went by the handle “Rubella” in online forums, is believed to…
The list of companies impacted by the American Medical Collection Agency (AMCA) data breach has grown, with Clinical Pathology Laboratories (CPL) now reporting that the PHI of about 2.2 million customers may have been affected. CPL began notifying patients on July 5 that it had been caught up in the AMCA breach after learning last…
Microsoft and Oracle issued security updates with Redmond, Wash., company patching a single issue in Windows Defender Application Control while Oracle’s update covered over 100 products and dozens of vulnerabilities. The issue with Windows Defender, CVE-2019-1167, if exploited would allow an attacker to circumvent PowerShell Core Constrained Language Mode on the machine. However, Microsoft noted…
The vicious cycle of imbalance between cyber attackers and defenders seems never-ending. Defenders continue to develop and implement new tools to prevent, detect, monitor and remediate cyber threats while attackers simultaneously develop new attack techniques to thwart defenses, which for all intents and purposes gives them the upper hand. But a new concept, originally conceived…
A threat actor named Sweed who has been active for more than two years using spearphishing emails with malicious attachments to spread Formbook, Lokibot and Agent Tesla has been given a detailed examination by Cisco Talos. Cisco Talos researcher Edmund Brumaghin said for the most part Agent Tesla is the group’s favorite flavor of malware,…
After attempting to recover from a ransomware attack for about a week, the La Porte County Board of Commissioners opted to pay the $130,000 ransom in order to regain access to their network. Local news reports have the county paying the ransom after negotiating with the attackers and noting that insurance will cover about $100,000…
Security practitioners face so many trials and tribulations as they protect and defend their organizations. In order to seek the best possible protection, they need to have an understanding of the threats which pose the greatest risk and how to address them proactively. This will enable a quicker and more cohesive response to incidents. The…
MyDashWallet.org is recommending that its users remove any funds from their wallets as the site has been compromised for the past two months. MyDashWallet, which calls itself the fastest and easiest way to use DASH cryptocurrency, noted on its site that an associated external site serving CryptoJS scripts was compromised with the end result being…
The cyber onslaught against municipalities continued last week with New Bedford, Mass., Gila County, Ariz., and the Syracuse, N.Y., school district all being subjected to attacks. The city of New Bedford, Mass. was hit early last week in what appears to be a ransomware attack, but according to published reports and statements from local officials…
I don’t need to tell you that it’s a tough time to be a cyber-defender. Attacks are growing increasingly sophisticated, as are the tools needed to detect them. Multi-vector threats that move laterally from IT to OT and IoT networks can cause substantial physical damage. Time sensitive malware like ransomware or fileless attacks crank the…
