News

Almost two years since the ransomware attack that brought the NHS (National Health Service) to a halt, healthcare IT professionals feel more confident in their ability to respond to a cyber-attack, according to new research from Infoblox. As healthcare providers continue to undertake digital transformation initiatives in an effort to improve efficiencies and the quality of care they deliver, the risk of falling victim to cyber attack increases. Source: Helpnetsecurity

Well-organised cybercriminals lust after the big bucks, so hijacking business systems for cryptocurrency mining is on the decline, and business email compromise (BEC) is now the thing. Sure, surreptitious mining continues to be feasible when the goal is shifted from the now processor-heavy Bitcoin to Monero and other currencies. But the payoff can still be bigger elsewhere, according to Chris Tappin, a Sydney-based principal consultant with Verizon's Threat Research Advisory Centre (VTRAC). Source: ZDNet

The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. One of the hackers has been identified by his real name, Fujie Wang (a.k.a. Dennis Wang), while another is known only by aliases (a.k.a. Zhou Zhihong, Kim Young, Deniel Jack) and charged as John Doe. They were part of...

Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. As adware bundles need to look as legal as possible, they require offers that they promote to have legitimate web sites with privacy policies and user agreements. Such is the case with the Pirate Chick VPN, whose web site looks like any other VPN site and includes a free...

A massive SMS spamming operation kicked out tens of millions of text messages, pestering unsuspecting recipients with links to fake sites flogging loans and free money. The operation was simple but smart. The system processed vast batches of phone numbers and curated custom messages on the fly with links to the fake sites. These fake sites urged spam victims to sign up with their name, email address and phone number and promised “free money… for real.”...

C-level executives – who have access to a company’s most sensitive information, are now the major focus for social engineering attacks, alerts the Verizon 2019 Data Breach Investigations Report. Senior executives are 12x more likely to be the target of social incidents, and 9x more likely to be the target of social breaches than in previous years – and financial motivation remains the key driver. Source: Helpnetsecurity

A huge MongoDB database exposing 275,265,298 records of Indian citizens containing detailed personally identifiable information (PII) was left unprotected on the Internet for more than two weeks. Security Discovery researcher Bob Diachenko discovered the publicly accessible MongoDB database hosted on Amazon AWS using Shodan, and as historical data provided by the platform showed, the huge cache of PII data was first indexed on April 23, 2019. Source: Bleeping Computer

Another city has become the victim of a ransomware attack, as government officials in Baltimore have revealed that the city hall computer networks have been infected, according to CBS Baltimore. Experts have identified the ransomware used in this case as the RobbinHood variant, about which there is little information given that it is relatively new. RobbinHood was also identified as the ransomware used last month in an attack on Greenville, North Carolina. Source: Infosecurity Magazine

Two new leaks exposing Iranian cyber-espionage operations have been published online, via Telegram channels and websites on the Dark Web and the public Internet. One leak claims to contain operational data from the MuddyWater hacking group, while the second leak reveals information about a new group identified in official Iranian government documents as the Rana Institute --and currently not linked to any known Iranian cyber-espionage group. Source: ZDNet

The cyber security industry in Northern Ireland provides employment for nearly 1,700 people and is on course to generate more than £70m in salaries each year, according to Máire O’Neill, professor at Queen’s University Belfast.Source: Computer Weekly