26 Nov 2019

NYPD Fingerprint Database Taken Offline to Thwart Ransomware

The LiveScan fingerprint-tracking system used by the New York Police Department was infected with ransomware last week, prompting the NYPD to take the database offline on Friday night. The department managed to get the systems back up and running by Saturday morning. Fortunately the impact of the attack was limited

Read More
23 Oct 2019

Magecart 5 Linked to Carbanak Gang

New research by Malwarebytes connects Magecart Group 5, one of the most prominent payment card skimming threat actors, to the notorious Carbanak threat group. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment

Read More
15 Oct 2019

Tactics of Supply-Chain Attack Group Exposed

Recent research by ESET has uncovered some of the tactics and tools used by the Winnti hacking group that has been carrying out supply-chain attacks against gaming companies since at least 2011. The attackers usually target game developers in order to embed backdoors in video games. In March of this

Read More
11 Oct 2019

Magecart Attack on eCommerce Platform Hits Thousands of Online Shops

Trend Micro recently discovered a new Magecart campaign targeting webshops hosted on the Volusion platform. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. Last month, threat actors compromised

Read More
27 Sep 2019

Airbus hit by series of cyber attacks on suppliers

In the last 12 months, threat actors have launched four supply-chain attacks targeting European multinational aerospace corporation Airbus via some of its suppliers, insiders told AFP. During this period, the company only publicly acknowledged a security incident in January, which reportedly led to “unauthorised access to data.” The AFP’s sources

Read More
30 Aug 2019

Ransomware hits hundreds of dentist offices in the US

Threat actors have managed to infect the systems of hundreds of US dental practice offices with ransomware by compromising third-party software. The exploited software is DDS Safe, a medical data backup solution offered by The Digital Dental Record and PerCSoft. Last weekend, hackers compromised the DDS Safe infrastructure, which enabled

Read More
15 Aug 2019

Five Factors Influencing the Cybersecurity Threat Landscape

New research by Accenture outlines the following five key factors that are driving the evolution of the cyberthreat landscape: Geopolitical tensions are driving disinformation and other threat campaigns that increasingly impact businesses. Cybercriminal networks continue to mature and adapt, which enables them to continue operations despite efforts by law enforcement

Read More
08 Aug 2019

A Secure Network Is Not Enough, Cyber Wargames Show

A series of cyber war games organized by the US Defense department has revealed unexpected ways in which threat actors could sabotage military operations, even if military networks are well protected. The vulnerabilities stem from the military’s reliance on private contractors and civilian infrastructure. For instance, military operations could be

Read More
15 Jul 2019

Beyond Wipro: Meet the ‘Gift Cardsharks’ Behind the Massive Campaign Targeting Victims with Commercially Available Tools

In April of this year various reports suggested that Indian IT outsourcing and consulting services giant Wipro experienced a significant breach affecting some of the companies it provided services to. Krebs On Security first reported the breach, based on accounts from various sources claiming that state-backed hackers had been lurking on Wipro’s

Read More
21 Jun 2019

Small Businesses May Not Be Security’s Weak Link

A new report by (ISC)² indicates that the poor reputation of small businesses when it comes to security isn’t entirely justified. Small firms are often considered to be a supply-chain risk for larger corporations, but (ISC)² found that security breaches resulting from cooperation with a large company are slightly more

Read More