Cybercrime | SC Media

Cybercrime

Med group’s breach disclosure claims SSNs unaffected; leaked docs suggest otherwise

The Affordacare Urgent Care Clinic, a network of medical providers based in Texas, has officially confirmed a combination data breach-ransomware attack that exposed sensitive information. The company is claiming that social security numbers were not impacted in the incident, despite security experts having demonstrated that the attackers have published stolen documents containing patients’ and employees’…

New Marriott data breach impacts 5.2 million guests

Previously burned by a hack of its Starwood reservations system, Marriott International on Tuesday disclosed another major data breach, this one affecting 5.2 million of its guests. According to the Bethesda, Md.-based hospitality giant, the source of the breach was an application that its hotels use to provide guests with various services. Marriott did not name…

2020 Vision: Cybersecurity through a business lens

Over the coming years organizations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industry and consumer markets, creating an increasingly turbulent and unpredictable security environment. The requirement for a flexible approach to security and increased resilience will be crucial as…

Sale of Dharma ransomware source code draws hackers’ scrutiny, but the price is right

An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market. And while cybercriminals have met the offer with some healthy skepticism, the bargain-basement selling price of $2,000 may be alluring enough for…

Locky Ransomware

Ransomware attacks vs Kimchuk, Visser reveal supply chain threat to DOD

The operators behind DoppelPaymer ransomware reportedly attacked electronics manufacturer Kimchuk earlier this month, disrupting the company’s operations and stealing sensitive data that they have been publishing online as part of an extortion plot. Meanwhile, the cybercriminal outfit has continued to also publish information stolen earlier this year from Visser Precision, a parts maker and manufacturing solutions…

DEER.IO caught in FBI’s headlights; cybercrime platform gets shut down

The FBI on Tuesday seized the website for DEER.IO, a Russian online platform used to conduct millions of dollars worth of cybercriminal transactions. The crackdown followed the March 7 arrest of alleged hacker/DEER.IO administrator Kirill Victorovich, who was taken into custody while in New York City. Active since October 2013, DEER.IO allows users to purchase…

Hijacked routers and attempted WHO hack highlight latest COVID-19 attacks

Businesses remain closed in many major cities around the world as the coronavirus pandemic rages, but cybercriminals are still open for business, as they continue to use the crisis to serve their nefarious purposes. Today’s latest round-up of coronavirus threats includes a reported hacking attempt against the World Health Organization, a DNS hijacking attack designed…

Open redirect on Dept. of HHS website benefits COVID-19 phishing scam

A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability found on the U.S. Department of Health and Human Services’ website, HHS.gov. As defined by Trustwave here, an open redirect occurs when a website’s “parameter values (the portion of URL after “?”) in an HTTP…

FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines

The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based fraud and malware schemes that take advantage of the coronavirus pandemic. Among the scams to look out for are emails purporting to contain helpful information from the Centers for Disease Control and Prevention (CDC) and…

Next post in Cybercrime