The value of cryptocurrencies has fluctuated wildly, but the value is still high enough to garner a lot of attention, both legitimate and malicious. Most of the malicious activity we see is done for financial gain, and cryptocurrencies have provided attackers with a lucrative new avenue to pursue: cryptocurrency mining. Over the past year, we […]
Fileless Malware on the Rise, Hackers Now Cryptomining Gamers’ PCs Read More »
The N.S.A.’s tools were most likely more useful than FireEye’s since the U.S. government builds purpose-made digital weapons. FireEye’s Red Team tools are essentially built from malware that the company has seen used in a wide range of attacks. Still, the advantage of using stolen weapons is that nation-states can hide their own tracks when
FireEye Security Vendor Compromised: Nation-State Threat Actors Steal Hacking Tools Read More »
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise of its
SolarWinds Breach: Malware Breach Affecting 18,000 Customers Read More »
The Wawa breach may rank as one of the biggest of all time, comparable to earlier Home Depot and Target breaches. On Monday, hackers put up for sale the payment card details of more than 30 million Americans and over one million foreigners on Joker’s Stash, the internet’s largest carding fraud forum. This new “card
Wawa’s Massive Credit Card Breach: 30 Million Customer’s Details for Sale Online Read More »
Microsoft has admitted that between December 5th-31st 2019, a mis-configuration of the security rules for (what should have been) an internal customer support database left it exposed for anyone to access – no password required. According to researcher Bob Diachenko, who discovered the database was accessible to anyone capable of running a web browser, the nearly 250
Microsoft Data Breach Exposes 250 Million Customer Service and Support Records Read More »
New Jersey’s largest hospital system said last week it paid an extortion fee to hackers who had disrupted medical facilities with a ransomware attack. Hackensack Meridian Health, based in Edison, New Jersey, said Dec. 13 it was working to restore its computer systems following a Dec. 2 ransomware attack that forced administrators to cancel roughly
New Jersey’s Largest Hospital Pays Hackers in Ransomware Breach Read More »
Britain’s Information Commissioner’s Office (ICO) today hit British Airways with a record fine of $183 million for failing to protect the personal information of around half a million of its customers during last year’s security breach. British Airways, who describes itself as “The World’s Favorite Airline,” disclosed a breach last year that exposed personal details and
British Airways Fined $183 Million Under GDPR Over 2018 Data Breach Read More »
