Cyber Bites

Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. Spain was one of the first countries alongside the UK, where the WannaCry ransomware infections were spotted for the first time back on May 12, 2017. Affected at the time were Spanish newspaper El Mundo, and internet service provider Telefonica. But today's infections are not part of a global ransomware outbreak. Only two...

The British government wants your bright ideas for improving the nation's cybersecurity because it wants to "understand the apparent lack of strong commercial rationale for investment" in locking down your shizz. As part of its fond hope of making the UK a bit more secure than the rest of the world, the Department for Digital, Culture, Media and Sport (DCMS) wants you to tell it what it could be doing better. The Cyber Security Incentives...

Europe's data protection legislation is still missing the point and will remain a 'paper tiger' until internet giants are hit with big fines, according to NSA-contractor turned whistleblower and privacy campaigner Edward Snowden. The General Data Protection Regulation (GDPR) came into force across the European Union on 25 May 2018 and is designed to give EU citizens more control over their personal data. Most notably it introduces potentially huge fines for organisations that are deemed not...

The operators of Nemty ransomware have found a new distributor for their file-encrypting malware, which now spreads via Trik, a botnet that pushes all sorts of threats. The malware is spread to systems that have the Server Message Block (SMB) network communication protocol exposed on the web and protected by weak credentials. Source: Bleeping Computer

The Hack_Right program aiming to help young hackers avoid cybercrime and use their skills for good has received a pledge of support from about 20 companies. The program is intended for young individuals that received a conviction for cybercriminal activity for the first time. It is an alternative to the traditional punishment process or an addition to it. Source: Bleeping Computer

Marriott International notified some of its associates of an incident that exposed their social security numbers (SSNs) to an unknown party. An unknown individual may have accessed the information from the network of an unnamed vendor that was acting as the hotel's agent for receiving service of official documents. Source: Bleeping computer

The Emotet Trojan is celebrating Halloween by pushing out new spam templates that want to invite you to a neighborhood party. While these emails promise you a treat, in reality Emotet is tricking you into installing an infection. For those not familiar with Emotet, it is a malware infection that is spread through spam emails containing malicious documents. These documents install the Emotet Trojan on the victim's computer, which then installs other malware and uses the...

Researchers detect an updated Gafgyt variant that targets flaws in small office and home wireless routers from Zyxel, Huawei, and Realtek. A newly discovered variant of the Gafgyt Internet of Things (IoT) botnet is attempting to infect connected devices, specifically small office and home wireless routers from brands that include Zyxel, Huawei, and Realtek. Source: Dark Reading

APT41's new campaign is latest to highlight trend by Chinese threat groups to attack upstream service providers as a way to reach its intended targets, FireEye says. APT41, a Chinese hacking group known for its prolific state-sponsored espionage campaigns, has begun targeting telecommunications companies with new malware designed to monitor and save SMS traffic from phones belonging to individuals of interest to the government. Source: Dark Reading

The attack early in the morning of October 29 has taken all of the school district's systems offline. A ransomware attack against Las Cruces, New Mexico's public school system has shut down computers and networks across the district. School district IT teams reportedly reacted quickly, shutting down all computers immediately after detecting the attack at 0700 on October 29. According to the district, no student data is believed to have been compromised. Source: Dark Reading