Cyber Bites

Emotet has started a new spam campaign that is banking off the popularity of environmental activist Greta Thunberg and her dedication to the climate movement. Unsuspecting users who think they are getting info about an upcoming "climate crisis" demonstration, will instead find that they have become infected with Emotet and other malware.   Source: Bleeping Computer

An unsecured database on the dark web left the personal information of more than 267 million Facebook users, mostly in the U.S., exposed. Although the database, discovered by security researcher Bob Diachenko and Comparitech and traced to Vietnam, is now inaccessible, it laid bare names, phone numbers, timestamps and Facebook IDs and that information also appears on a hacker forum. Source: SC Magazine

An active malspam campaign is distributing Emotet banking Trojan payloads via emails camouflaged to look like messages delivered by several German federal authorities warns the BSI, Germany's federal cybersecurity agency. Source: Bleeping Computer

An insurance and financial services company based out of Manitoba, Canada is the latest victim of the Maze Ransomware with allegedly 245 computers encrypted during a cyberattack in October. The victim, Andrew Agencies. is a full-service insurance company with 125 employees and 18 locations based out of Manitoba, Saskatchewan, and Alberta, Canada. Source: Bleeping Computer

Parents buy their children GPS-enabled smartwatches to keep track of them, but security flaws mean they’re not the only ones who can. This year alone, researchers have found several vulnerabilities in a number of child-tracking smartwatches. But new findings out today show that nearly all were harboring a far greater, more damaging flaw in a common shared cloud platform used to power millions of cellular-enabled smartwatches. Source: Tech Crunch  

Automotive giant Honda exposed roughly 26,000 vehicle owner records containing personally identifiable information (PII) of North American customers after misconfiguring an Elasticsearch cluster on October 21, 2019. Honda's security team in Japan promptly secured the publicly accessible server within just a few hours after being contacted by Security Discovery researcher Bob Diachenko on December 12. Source: Bleeping Computer

Just days after New Orleans revealed it was victimized by a ransomware attack, smaller municipalities in Florida and California reported being hit. Galt, Calif. municipal systems and the St. Lucie County, Fla. Sheriff’s Department were each knocked offline. Source: SC Magazine

Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. The attacker uses spear-phishing emails with malicious attachments often disguised as PDF files. Separ is the malware of choice, which steals login data from browsers and email clients, also hunting for various types of documents and images.   Source: Bleeping Computer  

A new scanning tool is now available for checking if your computer is vulnerable to the BlueKeep security issue in Windows Remote Desktop Services. Despite Microsoft rolling out a patch in mid-May, there are tens of thousands of devices exposing a Remote Desktop Protocol (RDP) service to the public internet. Source: Bleeping Computer

Since January, 1,039 schools across the U.S. have been potentially hit by a ransomware attack after 72 school districts and/or educational institutions have publicly reported being a ransomware victim according to a report from security solutions provider Armor. Source: Bleeping Computer