IT Security Newsletter

IT Security Newsletter - 09/25/2020

Written by Cadre | Fri, Sep 25, 2020

Government Software Provider Tyler Technologies Confirms Ransomware Attack

Tyler Technologies, a major provider of software and services for state and local governments in the United States, has confirmed that the recently disclosed cybersecurity incident involved ransomware. Tyler this week shut down its website and started informing customers via email that its internal phone and IT systems were accessed without authorization by an unknown third party. The company said the attack disrupted access to some internal systems, and it decided to shut down points of access to external systems. READ MORE...

Officials: Washington Being Targeted by Phishing Campaign

Washington state is among those being targeted by a "large-scale, highly sophisticated" nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday. At a press conference Thursday, Inslee said that the state is taking proactive measures to protect state systems, but he said that no ransomware activity has occurred among the agencies targeted, and no state services have been impacted. "We're using every resource at our disposal to prevent these criminals..." . READ MORE...

Maryland Man Gets 12 Months in Prison for Hacking Former Employer

A Maryland man was sentenced to 12 months and one day in prison for hacking into and damaging the computers of his former employer. From January 5, 2004, through August 6, 2015, the man, Shannon Stafford, 50, of Crofton, Maryland, was employed at an unnamed international company with thousands of offices worldwide, in the IT department. Employed at the company's Washington office, Stafford provided IT technical support to the organization's Washington, McLean, Virginia, and Baltimore offices. READ MORE...

US Army combines fake hacks, natural disaster simulation to test municipal responses

Cybersecurity experts from the U.S. military and the private sector have spent recent weeks working with two American cities to test their ability to respond during a simulated cyberattack layered with several simulated physical disruptions. The virtual exercise, which has feigned malware and ransomware attacks against targets in Charleston, S.C., and Savannah, Ga., over the last several weeks, is aimed at testing participants' ability to defend against digital threats. READ MORE...

Election cyberthreats have been 'blocked, minimal or easily mitigated,' federal agencies remind voters

For the second time in a week, U.S. national security agencies have publicly reassured voters that election systems are being guarded from hacking and that the integrity of the vote is intact. The FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency "have not identified any threats, to date, capable of preventing Americans from voting or changing vote tallies for the 2020 elections," the agencies said in a statement published Thursday. READ MORE...

Feds Hit with Successful Cyberattack, Data Stolen

A federal agency has suffered a successful espionage-related cyberattack that led to a backdoor and multistage malware being dropped on its network. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Thursday, not naming the agency but providing technical details of the attack. Hackers, it said, gained initial access by using employees' legitimate Microsoft Office 365 log-in credentials to sign onto an agency computer remotely. READ MORE...

Sandbox in security: what is it, and how it relates to malware

To better understand modern malware detection methods, it's a good idea to look at sandboxes. In cybersecurity, the use of sandboxes has gained a lot of traction over the last decade or so. With the plethora of new malware coming our way every day, security researchers needed something to test new programs without investing too much of their precious time. Sandboxes provide ideal, secluded environments to screen certain malware types without giving that malware a chance to spread. READ MORE...

Taurus Project stealer now spreading via malvertising campaign

For the past several months, Taurus Project-a relatively new stealer that appeared in the spring of 2020-has been distributed via malspam campaigns targeting users in the United States. The macro-laced documents spawn a PowerShell script that invokes certutil to run an autoit script ultimately responsible for downloading the Taurus binary. Taurus was originally built as a fork by the developer behind Predator the thief. It boasts many of the same capabilities as Predator the thief. READ MORE...

Scammers drain bank accounts using AnyDesk and SIM-swapping

Scammers mixed together a malicious cocktail of social engineering, SIM-swapping, and remote desktop software to empty the bank accounts of at least three victims. In total, victims lost more than $350,000. They were likely swindled by the same individuals since the modus operandi and some details were the same in all three cases. The scams happened over the summer in Budapest and started with the ruse of a well-located apartment offered for sale below the market value. READ MORE...

1Password and Privacy.com let consumers create virtual cards to ensure safe online payments

Two companies founded on security and privacy are partnering to make online payments quicker and safer. Password manager 1Password and virtual card platform Privacy.com announced an API integration that lets users create virtual cards in their browser quickly and safely when they need to make a payment. The FTC reports that credit card fraud is by far the most common type of identity theft, occurring in 41.8% of all identity theft reports. READ MORE...

  • ...in 1911, ground is broken in Boston, MA for Fenway Park.
  • ...in 1930, writer and illustrator Shel Silverstein ("The Giving Tree", "Where the Sidewalk Ends") is born in Chicago, IL.
  • ...in 1951, actor Mark Hamill, best known as Luke Skywalker in "Star Wars", (as well as the voice of the Joker on "Batman: The Animated Series") is born in Oakland, CA.
  • ...in 1956, TAT-1, the first transatlantic telephone cable system is inaugurated, stretching between Scotland and Newfoundland.