Cyber Bites

The U.S. Marshals Service (USMS) has started notifying 387,000 former and current inmates of a security breach that may have compromised their personal identifiable information. According to USMS officials, the incident occurred in December 2019, when a bad actor infiltrated the DSNet system, a platform that aids “the movement and housing of USMS prisoners with the federal courts, Bureau of Prisons, and within the agency.” The attacked exploited a vulnerability in the system to steal...

Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, said the incident was discovered on April 11. It also said that it became apparent during a forensic investigation that the ransomware attack was the final stage in a longer campaign. “The unauthorized actor gained access to Magellan’s systems after...

A month after hacker forum WeLeakData.com was shuttered, the content of its database, including hackers’ private messages, is for sale on the dark web. Noting claims that the FBI seized the forum, resulting in its closure, are unsupported, researchers at Cyble who identified and verified the database leak said, “After a brief time of being offline, allegedly, the site was sold to a new member of the forum, and came back online.” About the same...

Important-rated EoP flaws make up the bulk of the CVEs; SharePoint continues its critical run with four worrying bugs. Microsoft has released fixes for 111 security vulnerabilities in its May Patch Tuesday update, including 16 critical bugs and 96 that are rated important. Unlike other recent monthly updates from the computing giant this year, none of the flaws are publicly known or under active attack at the time of release. Along with the expected cache...

Severe CSRF to XSS bugs open the door to code execution and complete website compromise. Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover. According to researchers at WordPress, both security bugs can lead to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). They “allow attackers to forge requests on behalf of a...

International crime-fighting organization INTERPOL has teamed up with cybersecurity firm Kaspersky to declare WannaCry's third anniversary 'Anti-Ransomware Day.' bWannaCry, notorious as the largest ransomware epidemic in history, reached its peak on May 12, 2017. Recent research by Kaspersky confirms that three years on, WannaCry retains the dubious honor of being among the most prevalent ransomware families causing trouble around the world. To raise awareness of this ongoing threat, both INTERPOL and Kaspersky have dubbed today...

Photo print service Chatbooks has disclosed a data breach after customers’ emails, passwords and more were listed for sale on underground forums. Photo-print service Chatbooks has confirmed a data breach, a week after cybercriminals listed a database containing customer email addresses, passwords and more for sale on an underground forum. The Utah-based company allows users to create customized photo books. Nate Quigley, CEO of Chatbooks, said the stolen information includes login credentials, including names, email...

If an attacker can get his hands on a Thunderbolt-equipped device for five minutes, he can launch a new data-stealing attack called “Thunderspy.” A new attack enables bad actors to steal data from Windows or Linux devices equipped with Thunderbolt ports – if they can get their hands on the device for just five minutes. The attack, called “Thunderspy,” specifically targets Thunderbolt technology, which is a hardware interface developed by Intel (in collaboration with Apple)...

Today’s big ransomware story is a star-studded affair, according to entertainment news website Variety.com. Variety says that the law firm Grubman Shire Meiselas & Sacks, or just gsmlaw.com for short, has experienced a ransomware attack that apparently involved the appropriately named REvil malware. Rather than simply knocking the law firm out of action temporarily, the ransomware crooks are said to have stolen personal data from a laundry list of celebrity clients, too – allegedly more...

The cyber criminal group behind the increasingly dangerous Maze ransomware strain claims it has successfully encrypted systems at mailing and shipping services firm Pitney Bowes, less than a year after it was hit by a similar attack. previous major attack. The group behind Maze, which specialises in double extortion, a type of attack that increases pressure on its victims to pay by threatening to release important data in addition to encrypting systems, confirmed the attack...