Atlanta government systems hit by ransomware
The city of Atlanta suffered a ransomware attack on Thursday, which resulted in outages of some of its customer-facing applications, including some that customers may use to pay bills or access court-related information. It was confirmed that the operation of both internal and external apps was affected by the attack, and that the FBI, the DHS, Microsoft and the Cisco cybersecurity incident response team are helping with the investigation. (By: Zeljka Zorz, Managing Editor, Help Net Security)
GhostMiner: Cryptomining Malware Goes Fileless
This article provides an example of how malicious miners are evolving to use advanced fileless techniques to succeed in mining Monero and spreading silently on a global scale. In this attack, we also witnessed how competing miners are fighting each other to generate more income for themselves, removing other miners on the endpoint. Minerva Labs analyzed the attack and presents a novel way of turning the tables on mining attackers by using the scripts they wrote to remove competitors against them. (By: Asaf Aprozper and Gal Bitensky, Minerva)
US Disrupts 'Massive And Brazen' Iranian Phishing Scheme, DOJ Says
The Mabna Institute allegedly works as a contractor for Iran's Islamic Revolutionary Guard Corps. It has conducted a lengthy, years-long, and far-flung cyber espionage campaign against targets in some twenty-one countries, including the US. The campaign appears to have been directed toward the theft of technical information and intellectual property. Some of the information Iran used; some of it Iran sold. They approached their harder targets by first compromising easier ones. The softer targets, university professors in more than three hundred institutions around the world, were trawled with a very large phishnet. (By: Stu Sjouwerman, KnowBe4, Inc.)
Top cybersecurity evasion and exfiltration techniques used by attackers
60% – No internal DNS server.
36% – Traffic involving proxy and anonymizer IPs/URLs.
33% – Victims of phishing attacks involving popular domains.
28% – Security incidents involving SSH.
25% – Bitcoin traffic.
21% – TOR traffic.
15% – Malicious activity on a non-standard application port. (By: Help Net Security)
Understanding email fraud: Do you have visibility into email threats?
Email fraud is highly pervasive and deceptively simple: hackers don’t need to include attachments or URLs, the emails are distributed in lower volumes, and they typically impersonate people in authority for maximum impact. These and other factors make email fraud, also known as business email compromise (BEC), extremely difficult to detect and stop with traditional security tools. (By: Help Net Security)
How to Survive an Accidental Emailing Crisis
For sure it never looks good when you contact someone by mistake, but that doesn’t mean your corporate reputation is really at risk. If an email sent to the wrong recipient and its attachments didn’t contain personal or commercial information, you might just follow up with a quick note apologizing. Not very pretty, but probably enough. But if the message or thread includes details belonging to one or more of the following categories, then you should start to worry and proactively plan your crisis response. (By: Alexandre François, 4Hoteliers)
The Financial Fallout From Data Breaches
Recent 2017 fiscal year-end filings with the U.S. Securities and Exchange Commission by medical transcription software vendor Nuance and pharmaceutical giant Merck reveal the financial effect on each of those organizations of the NotPetya ransomware attacks last June that disrupted their operations. (By: Marianne Kolbasuk McGee, Data Breach Today)
Lessons for Boards from Yahoo’s $80 Million Data Breach Settlement
The personal information of 1.5 billion users was compromised. Yahoo’s shareholder settlement suggests that reform is happening much faster. “The boards are going to be targets.” If there’s truth to that assumption, there are some critical lessons for boards to take away from this news. (By: Kacy Zurkus, Security Boulevard)