Cyber Bites

Wake-on-Lan used by Ryuk Ransomware To Encrypt Offline Devices

Security researchers from Guardicore revealed a sophisticated malware attack that managed to compromise some 800 devices belonging to a medium-sized company in the medical tech industry. In a technical analysis of the attack, Guardicore explains that the malware infection was disguised as a WAV file and included a Monero cryptominer, using the notorious EternalBlue vulnerability to compromise other devices in the network. Source: News Soft Pedia

Nobel laureate Paul Krugman fell for a phishing scam

When Clop was discovered by Jakub Kroustek in February 2019, all indicators showed that it was a new CryptoMix with the .CLOP, or in some circumstances .CIOP, extension tagged onto encrypted files. Since this discovery, the ransomware operators behind Clop have steadily been developing it to move beyond the shadow of merely being a variant of CryptoMix. Soon after Clop’s discovery, it could be argued that the ransomware already could be recognized as a threat in its...

Victims infected by Ako Ransomware spam

It has been discovered that the network-targeting Ako ransomware is being distributed through malicious spam attachments that pretend to be a requested agreement. Last week we reported on the Ako Ransomware and how it was targeting companies with the intent to encrypt their entire network. At the time, it was not known how it was being distributed and when we asked the ransomware operators they told us it was a "secret". Source: Bleeping Computer

Phishing Emails Used to Target the United Nations

The Emotet trojan recently leveraged a phishing campaign to target email addresses associated with users at the United Nations. In an email provided by Cofense to Bleeping Computer, Emotet’s handlers pretended to be representatives of Norway to the United Nations (UN). They used this disguise to conduct a phishing campaign with “highly specific targeting.” In total, they sent emails to approximately 600 UN email addresses. Source: Security Boulevard

Customer account information in P&N Bank data breach

On Wednesday, a security researcher going under the Twitter handle @vrNicknack pinged Troy Hunt, the operator of the Have I Been Pwned? search engine, with a notice he had received from the bank. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, sent the notice which warned of an "information breach" occurring through its customer relationship management (CRM) platform. Source: ZD Net

Iran will Deploy Wiper Malware in Response to U.S. Military Strike

Amidst rising tensions after the United States killed Qassem Soleimani, the chief of Iran’s Quds Force, in a drone strike in Baghdad last week, security experts and U.S. government officials warn that Iran may retaliate with cyberattacks. Iran-based attack groups have expanded their digital offensive capabilities significantly since 2012, when they launched crippling distributed denial-of-service attacks against financial services companies. Since then, the cybersecurity arm of Iran’s Islamic Revolutionary Guard Corps, and private sector contractors acting on behalf...
