Data Breach | SC Media

Data Breach

History shows, transparency can ease the fallout from a cyberattack

Cybersecurity firms have a responsibility to keep their clients safe from digital attacks. But when they end up the victims, they potentially risk losing credibility with these customers, especially if their operations are disrupted. It’s a potentially juicy extortion scenario for attackers, and we just saw an example of this play out last week when…

Stricken electronics firms weigh reward, cost of paying ransom

Garmin reportedly paid cyber extortionists millions of dollars for access to a decryptor so that the company could restore its services to customers following a July 23 WastedLocker ransomware attack. Meanwhile, a separate ransomware outfit this week reportedly leaked sensitive data lifted from LG and Xerox’s internal networks after attempted negotiations with the two tech…

Avon attackers may have exploited unprotected web server

An openly accessible web server has emerged as a possible attack vector used by cybercriminals in a reported ransomware incident that affected personal care and beauty marketer Avon Products last June. Researchers from Safety Detectives today announced its discovery of a U.S.-based Avon.com server that was not defended by a password, leaving it accessible to…

DNA companies vulnerable to phishing, privacy violations after attacks

A malicious server compromise recently confirmed by DNA investigation services provider GEDmatch serves as a reminder of the incident response challenges and privacy ramifications that companies face when they trade in sensitive data – in this case, DNA, the most personal of data – especially when such incidents create unique opportunities for targeted phishing campaigns. Owned by…

Dacls RAT’s goals are to steal customer data and spread ransomware

The Dacls remote access trojan that is capable of attacking Windows, Linux and macOS environments has been used to distribute VHD ransomware and to target customer databases for attempted exfiltration, according to researchers. Kaspersky on Wednesday revealed this latest intel on Dacls in a company blog post and corresponding press release that also detailed an…

Hidden purpose of Mac ‘ransomware’ EvilQuest is data exfiltration, say researchers

Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several analysts now concur that EvilQuest’s malicious encryption may be more of a decoy, while the program’s true purpose appears to be data exfiltration. In a new blog post this week, Thomas Reed, director of Mac…

Next post in Security News