03 Jun 2021

Scripps Notifying 147K People of Data Breach

California healthcare provider Scripps is currently informing more than 147,000 individuals that their personal data may have been exposed in a recent cyber-attack against the organizations. Scripps operates five hospitals in San Diego, along with other facilities. The organization took most of its network offline after discovering suspicious activity such

Read More
03 Jun 2021

Teen Crashes Florida School District’s Network

An unnamed teenage boy from Florida is currently facing felony charges after conducting a cyberattack that crashed the networks of 145 schools last spring. The teen was a student at one of the affected schools. The cyberattack was a distributed denial of service (DDoS) attack that caused all of the

Read More
02 Jun 2021

US Seizes Attacker Domains Used in USAID Phishing Campaign

The United States has seized two command and control malware distribution domains that were utilized in a recently disclosed spearphishing campaign that impersonated email communications from the US Agency for International Development (USAID). The attack was disclosed by Microsoft and Volexity last week, and the operation has been attributed to

Read More
02 Jun 2021

Critical Zero-Day in WordPress Plugin Under Active Attack

Security researchers have warned that a new critical zero-day vulnerability in a WordPress plugin has been found to be actively exploited in the wild. The plugin, called the Fancy Product Designer, is installed on roughly 17,000 sites, according to Wordfence security experts. The tool allows users to upload images and

Read More
02 Jun 2021

Rhode Islander Charged with Phishing Political Candidates

A Rhode Island woman has been charged with phishing and email fraud after impersonating Microsoft to steal personal information from political candidates and their staff. The woman, Diana Lebeau, allegedly delivered phishing emails to 22 different campaign staffers working for a political candidate around January 2020. Lebeau, who is 21,

Read More
02 Jun 2021

XSS vulnerability found in popular WYSIWYG website editor

Security consultant at Bishop Fox Chris Davis recently discovered and publicly disclosed a new vulnerability in a popular tool used by at least 30,000 websites, a WYSIWYG editor. The bug is tracked as CVE-2021-28114 and impacts Froala version 3.2.6 and earlier. Froala operates as a WYSIWYG HTML rich text editor

Read More
01 Jun 2021

Ransomware: The Present we Deserve?

The scourge of ransomware is the inevitable result of decades of schizophrenia about our relationship with information technology and security. Treating this problem in the same fashion as we have those that came before it will only prolong our suffering. Clarity, creativity, and will are required if we are to have any hope of a future where ransomware is an annoyance and not a plague.

Read More
01 Jun 2021

Hackers Exploit Post-COVID Return to Offices

As Covid-19 restrictions begin to lift and thousands of employees return back to offices, ending the work-from-home movement, threat actors are ramping up spear-phishing campaigns. The latest campaign consisted of sending employees emails posing as CIOs welcoming employees back into offices. The emails outline a targeted company’s post-pandemic cubicle protocols,

Read More
01 Jun 2021

Asian cybercrime takedown leads to intercept of $83 million in financial theft

Last week, Interpol announced that over the course of six months, it had successfully intercepted a total of $83 million through Operation Haechi-i. The operation was conducted between September 2020 and March 2021, focusing on combatting romance scams, money laundering linked to illegal online gambling, investment fraud, online sextortion, and

Read More
01 Jun 2021

FBI Issues Fortinet Flash Warning

The US Federal Bureau of Investigation issued a flash warning late last week pertaining to the exploitation of Fortinet vulnerabilities by advanced persistent threat (APT) groups. The FBI stated that an APT group has been actively targeting a FortiGate appliance since May 2021 seeking to access a web server hosting

Read More