Oscar Nominated Movies Used by Phishing Attacks

Attackers are taking advantage of the hype surrounding this year’s Oscar Best Picture nominated movies to infect fans with malware and lure them to phishing websites designed to steal sensitive information such as credit card details and personal information. Diriga’s Phishing Attack Services can be used to help prevent this from happening. This method is the perfect way to get around the defenses of film fans, as many of them are willing to lower their guard for a chance to get a free preview, particularly since the 92nd Academy Awards ceremonies are just around the corner on February 9th. High-profile TV shows and movies are often used as lures in social engineering attacks that promise early previews, either in the form of fake streaming sites or through malicious files disguised as early release copies. Over 20 phishing sites…

Google Chrome Adds Protection for NSA’s Windows CryptoAPI Flaw

Google just released the Chrome 79.0.3945.130 update, which will now detect certificates that attempt to exploit the NSA-discovered CVE-2020-0601 Windows CryptoAPI vulnerability. As part of Microsoft’s January 2020 Patch Tuesday, security updates were released for a vulnerability discovered by the NSA in the Windows CryptoAPI library Crypt32.dll. This vulnerability allows attackers to create TLS and code-signing certificates…

Sodinokibi Ransomware Publishes Stolen Data for the First Time

For the first time, the operators behind the Sodinokibi Ransomware released files that had been stolen from one of their victims because the ransom was not paid in time. Since last month, Sodinokibi members, better known as REvil, have publicly stated that they would follow Maze’s example and publish data stolen from victims if they did not pay a ransom. Although threats have been made against Travelex and CDH Investments, they have not been carried out. All this changed today when Sodinokibi’s public representative said they were beginning to “keep promises” as they posted links to approximately 337 MB of allegedly…

Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities

Microsoft released several updates to address critical vulnerabilities. Several were of sufficient concern to prompt the Department of Homeland Security to issue an Emergency Directive directing all federal agencies to patch these vulnerabilities in the next ten days. The vulnerabilities are present in RDP Gateway Servers and RDP Clients, in the Windows CryptoAPI, and in the Remote Desktop Protocol (RDP). Here are the descriptions with links to the Microsoft Security Center so you can review the KB articles associated with them. CVE-2020-0601 is a CryptoAPI spoofing vulnerability that affects Windows 10, Server 2016, and Server 2019, and could potentially allow an attacker to bypass antivirus and perform malicious actions on an affected endpoint.…

Maze Ransomware Demands $6 Million Ransom From Southwire

Maze Ransomware attackers claim responsibility for another cyber attack, this time targeting Southwire Company, LLC (Southwire), a leading wire and cable manufacturer based in Carrollton, Georgia. According to a press release published in January 2019, Southwire is one of North America’s leading wire and cable manufacturers, “building wire and cable, utilities, metal-clad cable, portable and electronic cable products, OEM wire products and engineered products.” In May, Malwarebytes security researcher Jérôme Segura discovered Maze Ransomware, a version of Chacha Ransomware. Since May 2019, the malware strain has become more and more aggressive. Its affiliates are also becoming more and more notorious, with Proofpoint identifying one as the TA2101 threat actor after observing it carrying out various malspam campaigns that impersonate government agencies. $6 million…

Pitney Bowes: Can we be frank? Ransomware has borked our dead-tree post systems

Article originally published on https://www.theregister.co.uk. Venerable stamp-machine maker stalled by server infection. Pitney Bowes, the US stamping meter maker, has been infected with ransomware, leaving customers unable to top up their equipment with credit or access the corporate web store. “At this time, the company has seen no evidence that customer or employee data has been…

California Provider to Close After Ransomware Attack Damages System

This article was originally published on https://healthitsecurity.com. Wood Ranch Medical reported ransomware recently encrypted its systems and backups, which the provider was unable to recover; Campbell County continues its recovery and another ransomware incident complete this week’s breach roundup. September 30, 2019 – California-based Wood Ranch Medical will permanently close its doors, after the provider…