IT Security Newsletter

IT Security Newsletter - 6/5/2020

Written by Cadre | Fri, Jun 5, 2020

Krebs on Security: Romanian Skimmer Gang in Mexico Stole $1.2 Billion

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico's top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 billion and enjoyed the protection of top Mexican authorities. READ MORE...

San Francisco Employees' Retirement System Discloses Data Breach

The San Francisco Employees' Retirement System (SFERS) this week disclosed a data breach that impacted over 70,000 of its members. The incident, SFERS reveals, involved 10up Inc., one of the vendors the retirement program works with to provide SFERS members with online access to their account information. On March 21, the vendor discovered that an unknown party accessed a server that contained, among others, a database with information on approximately 74,000 SFERS member accounts, as of August 29, 2018. READ MORE...

Hackers tried to steal database logins from 1.3M WordPress sites

A large scale attack targeted hundreds of thousands of WordPress websites over the course of 24 hours, attempting to harvest database credentials by stealing config files after abusing known XSS vulnerabilities in WordPress plugins and themes. "Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files," Wordfence QA engineer and threat analyst Ram Gall said. READ MORE...

Email scammer pleads guilty to defrauding Texas firms out of more than $500,000

A 64-year-old man has admitted his role in an email-based fraud scheme that relied on spoofed email addresses to con two companies out of more than $500,000. Kenety Kim, or Myung Kim, pleaded guilty Tuesday in a Texas court to conspiracy to commit money laundering as part his role in a business email compromise scheme. Kim used email addresses that impersonated legitimate corporate accounts to intercept financial transfers, or to convince a firm to direct money into an account under Kim's control. READ MORE...

New Tycoon ransomware targets both Windows and Linux systems

A new human-operated ransomware strain is being deployed in highly targeted attacks targeting small to medium size organizations in the software and education industries since at least December 2019. The ransomware, dubbed Tycoon by security researchers with BlackBerry Threat Intelligence and KPMG, is a multi-platform Java-based malware that can be used to encrypt both Windows and Linux devices. READ MORE...

There's a new Java ransomware family on the block

BlackBerry and KPMG's UK Cyber Response Services uncovered a new ransomware strain that uses an obscure file format to avoid detection, according to new research published Thursday. After researchers conducted forensic investigations at a European educational institution, they uncovered that attackers had gained access to the unnamed institution through an internet-connected remote desktop server. READ MORE...

  • ...in 1933, President Roosevelt takes the United States off of the gold standard.
  • ...in 1968, Senator Robert Kennedy is assassinated at the Ambassador Hotel in Los Angeles, after winning the California presidential primary.
  • ...in 2010, the legendary basketball coach John Wooden passes away at the age of 99.
  • ...in 2014, Chester Nez, last of the original Navajo code talkers, dies at 93.