Latest

Cyberwarfare / Nation-State Attacks

US Blacklists 7 Chinese Supercomputer Entities

Scott Ferguson  •  April 9, 2021

Citing national security concerns, the U.S. Commerce Department has placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from U.S. companies.

Cybercrime

Fraudsters Flooding Collaboration Tools With Malware

Prajeet Nair  •  April 9, 2021

The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.

Cybercrime

Crisis Communications: How to Handle Breach Response

Anna Delaney  •  April 9, 2021

The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.

Identity & Access Management

Death to 'Fluffy': Please Stop With the Pet Name Passwords

Mathew J. Schwartz  •  April 9, 2021

Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.

Cryptocurrency Fraud

600,000 Payment Cards Stolen From Swarmshop Darknet Market

Doug Olenick  •  April 8, 2021

For the second time in two years, the contents of the darknet payment card marketplace Swarmshop have been removed and posted to a competing underground forum, Group-IB reports. The content includes data on more than 600,000 payment cards as well as administrator, seller and buyer information.

Cybercrime

Attackers Using Malicious Doc Builder Called 'EtterSilent'

Doug Olenick  •  April 8, 2021

Researchers at the security firm Intel 471 report cybercriminal gangs are using a newly uncovered malicious document builder called "EtterSilent" to create differentiated, hard-to-discover, malicious documents that can be deployed in phishing attacks.

Fraud Management & Cybercrime

Attackers Target Unpatched SAP Applications

Akshaya Asokan  •  April 7, 2021

Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.

Card Not Present Fraud

Stolen Cards, Reportedly From Cardpool.com, Sold on Darknet

Akshaya Asokan  •  April 6, 2021

A Russian-speaking cybercriminal recently sold on a darknet forum thousands of stolen payment and gift cards that researchers at Gemini Advisory believe were taken from the now-defunct online gift card exchange Cardpool.com.

Breach Notification

Ransomware Cleanup Costs Scottish Agency $1.1 Million

Mathew J. Schwartz  •  April 6, 2021

How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.

Breach Notification

Capital One Warns of More Data Leaked in 2019 Breach

Prajeet Nair  •  April 5, 2021

Capital One is warning additional customers that their Social Security numbers may have been exposed in a massive 2019 breach. Meanwhile, a suspect in the breach is slated to go to trial in October.

Breach Notification

Healthcare Phishing Incidents Lead to Big Breaches

Marianne Kolbasuk McGee  •  April 5, 2021

As healthcare sector organizations continue to fall victim to phishing incidents, the number of individuals affected by health data breaches involving compromised email accounts continues to rise.

Breach Notification

533 Million Facebook Account Records Posted to Forum

Doug Olenick  •  April 4, 2021

A security researcher found more than 500 million Facebook records being offered for free on the darknet, exposing basic user information, including any phone numbers associated with the accounts. Facebook says this is “old data” previously reported as exposed.