Cyber Bites

 FireEye security researchers warn that the proliferation of hacking tools with capabilities for targeting industrial control systems (ICS) is lowering the entry bar for attackers and increasing risks for organizations operating in the industrial sector. In a study published today, the US cybersecurity firm said it analyzed all the hacking tools with ICS targeting capabilities that were released in recent years. Source: ZD Net

Finastra, a bank technology company in London that has more than 9,000 customers, including 90 of the top 100 global banks, was working Monday to bring servers back online that were hit by a ransomware attack late last week. Some U.S. bank customers are affected by the incident, which occurred Friday. The company says it took some of its servers offline while it investigated the incident. Source: American Banker

  Huge data breach included personal information on more than 200 million Americans. Equally as bad, it's unclear where the data came from. Researchers have noticed that detailed personal information of more than 200 million Americans was exposed in a data breach. This is the latest in a long list of data security incidents over recent months and years. Source: Screenrant https://cybernews.com/security/report-unidentified-database-exposes-200-million-americans/

  The world's third largest cruise line, Norwegian Cruise Line, has suffered a data breach, the British security firm DynaRisk says, adding that the email addresses and passwords of nearly 27,000 travel agents had been exposed as a result. DynaRisk said its researchers had found a breached database from the NCL travel agents' portal on a hacking forum on 13 March. After first verifying that the data records were authentic, it then contacted a representative...

  The personal details of more than 538 million users of Chinese social network Weibo are currently available for sale online, according to ads seen by ZDNet and corroborating reports from Chinese media. In ads posted on the dark web and other places, a hacker claims to have breached Weibo in mid-2019 and obtained a dump of the company's user database. Source: ZD Net

The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems. Cyber gangsters have attacked the computer systems of a medical research company on standby to carry out trials of a possible future vaccine for the Coronavirus, Covid-19. Source: Computer Weekly

The World Health Organization (WHO) has launched a chatbot on WhatsApp to provide information on the coronavirus (COVID-19) pandemic sweeping the planet. To interact with it, users will need to message the WHO account on +41 79 475 22 09 and send the word 'Hi' to begin chatting, after which, a list of prompts is returned to the user to access official information about the virus. Source: ZD Net

Bitcoin and crypto-related ransomware attacks hit a record high in the United Kingdom last year. According to a report by Bitcoinist and records obtained under the Freedom of Information Act (FOI), UK authorities received 562 reports from victims of devices that were hijacked by crypto-related ransomware. Source: CryptoGlobe

The notorious Maze ransomware gang announced Wednesday that it will not attack any healthcare organizations during the COVID-19 pandemic. The pandemic has put a strain hospitals and public health agencies in recent weeks as governments across the globe struggle to contain the spread of COVID-19, also known as the new coronavirus. Some security vendors have expressed concern that coronavirus-related threats could soon include ransomware attacks, which would have a crippling effect on healthcare and government...

  An ongoing phishing campaign delivering emails posing as official messages from the Director-General of the World Health Organization (WHO) is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. This spam campaign started today according to researchers at IBM X-Force Threat Intelligence who spotted it and it has already delivered several waves of spam emails attempting to pass as being delivered by WHO. Source: Bleeping Computer