NYPD Fingerprint Database Taken Offline to Thwart Ransomware
The LiveScan fingerprint-tracking system used by the New York Police Department was infected with ransomware last week, prompting the NYPD to take the database offline on Friday night. The department managed to get the systems back up and running by Saturday morning. Fortunately the impact of the attack was limited
Magecart 5 Linked to Carbanak Gang
New research by Malwarebytes connects Magecart Group 5, one of the most prominent payment card skimming threat actors, to the notorious Carbanak threat group. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment
Tactics of Supply-Chain Attack Group Exposed
Recent research by ESET has uncovered some of the tactics and tools used by the Winnti hacking group that has been carrying out supply-chain attacks against gaming companies since at least 2011. The attackers usually target game developers in order to embed backdoors in video games. In March of this
Magecart Attack on eCommerce Platform Hits Thousands of Online Shops
Trend Micro recently discovered a new Magecart campaign targeting webshops hosted on the Volusion platform. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. Last month, threat actors compromised
Airbus hit by series of cyber attacks on suppliers
In the last 12 months, threat actors have launched four supply-chain attacks targeting European multinational aerospace corporation Airbus via some of its suppliers, insiders told AFP. During this period, the company only publicly acknowledged a security incident in January, which reportedly led to “unauthorised access to data.” The AFP’s sources
Ransomware hits hundreds of dentist offices in the US
Threat actors have managed to infect the systems of hundreds of US dental practice offices with ransomware by compromising third-party software. The exploited software is DDS Safe, a medical data backup solution offered by The Digital Dental Record and PerCSoft. Last weekend, hackers compromised the DDS Safe infrastructure, which enabled
Five Factors Influencing the Cybersecurity Threat Landscape
New research by Accenture outlines the following five key factors that are driving the evolution of the cyberthreat landscape: Geopolitical tensions are driving disinformation and other threat campaigns that increasingly impact businesses. Cybercriminal networks continue to mature and adapt, which enables them to continue operations despite efforts by law enforcement
A Secure Network Is Not Enough, Cyber Wargames Show
A series of cyber war games organized by the US Defense department has revealed unexpected ways in which threat actors could sabotage military operations, even if military networks are well protected. The vulnerabilities stem from the military’s reliance on private contractors and civilian infrastructure. For instance, military operations could be
Beyond Wipro: Meet the ‘Gift Cardsharks’ Behind the Massive Campaign Targeting Victims with Commercially Available Tools
In April of this year various reports suggested that Indian IT outsourcing and consulting services giant Wipro experienced a significant breach affecting some of the companies it provided services to. Krebs On Security first reported the breach, based on accounts from various sources claiming that state-backed hackers had been lurking on Wipro’s
Small Businesses May Not Be Security’s Weak Link
A new report by (ISC)² indicates that the poor reputation of small businesses when it comes to security isn’t entirely justified. Small firms are often considered to be a supply-chain risk for larger corporations, but (ISC)² found that security breaches resulting from cooperation with a large company are slightly more