Municipalities took a beating this week with at least four reporting being shut down from new ransomware attacks or struggling to recover from an older incident. Augusta, Maine; Imperial County, Calif.; Stuart, Fla.; and Greenville, N.C. were all in different stages of recovering from ransomware attacks over the last seven days. Augusta City Center operations…
A phishing scam is circulating Instagram claiming that users have made “The Nasty List” with the goal of stealing account credentials. The scam is spread via messages sent through hacked accounts claiming the recipients were spotted on the so called NastyList stating something like “OMG your actually on here, @TheNastyList_34, your number is 15! its…
Researchers believe hackers from the breakaway Luhansk People’s Republic (LPR) may be behind a spear phishing-based malware campaign that’s been actively targeting the Ukrainian government. The researchers, from FireEye, disclosed their assessment following their investigation into a malware-laced email that they were able to tie back to a 2018 phishing campaign designed to to deliver…
Two Romanian nationals were convicted in an Ohio federal court on Thursday for their roles in the Bayrob group, an organization that launched a multi-million-dollar cybercriminal operation fueled by its own proprietary malware. Bogdan Nicolescu, 36, and Radu Miclaus, 37, were found guilty on separate 21 counts for developing and spreading the Bayrob trojan, which…
Garfield County, Utah became the latest municipality to not only be hit with a ransomware attack, but succumb to the attackers demand and pay the ransom. Local news reports said the attack happened several weeks ago, but proved so severe that the county opted to pay for the release of its files. The payment was…
Researchers at Kaspersky Lab today issued a pair of reports, one revealing a newly discovered sophisticated APT framework and the other detailing the recent operations of the threat actor known as Gaza Cybergang Group1. Dubbed TajMahal, the APT framework is a fully loaded malicious toolset, replete with backdoors, loaders, orchestrators, C2 communicators, audio recorders, keyloggers,…
Baystate Medical Center reportedly suffered a data breach possibly impacting 12,000 patients. The Springfield, Mass.-based hospital told patients that between Feb. 7 and March 7, 2018, several employee email accounts were compromised after a worker was victimized by a phishing scheme giving an unauthorized person access to their accounts. Baystate said the accounts were quickly…
Verizon customers are being targeted by a phishing campaign which researchers described as having a sophisticated, mobile-first approach that optimizes its phoney sites for mobile devices and demonstrating awareness of Verizon infrastructure. Lookout researchers discovered the attack in late November 2018 and said activity has since intensified in March, when three waves of attacks were…
If you work in the IT trenches, there has likely come a moment while you were sitting in your office, reviewing the latest news about current phishing campaigns, when you suddenly looked up and cast your eyes across the floor, pondering a very basic question: just what are your users doing with all those malicious…
In the post-Vault7 world, there has been an interesting shift in the cybersecurity landscape. At one time, well-funded, government-backed nation-state threat actors were the only ones capable of carrying out sophisticated cyberattacks. But now, these hacking techniques have trickled down to your average cybercriminal, equipping them with the power to take down enterprise networks, steal…
