IT Security Newsletter

IT Security Newsletter - 03/04/2021

Written by Cadre | Thu, Mar 4, 2021

Cloud security firm Qualys reportedly victimized by prolific scammers

A set of cybercriminals behind a string of recent hacks involving Accellion-made software is now claiming responsibility for a breach of Qualys, a major cloud computing security vendor. As proof of the access to data, an extortion site maintained by hackers has leaked documents claiming to contain information on Qualys customers. Attackers affiliated with the extortion site have previously been linked to the Clop ransomware, a file-locking malware that emerged two years ago.

Russian cybercriminal forum hacked, user details exposed

Oh dear. How unfortunate. A Russian cybercrime forum appears to have suffered a data breach, spilling details of users. Risk intelligence experts at Flashpoint say that the elite Russian-language cybercrime forum "Maza" - previously known as "Mazafaka" - has been hacked, exposing information about forum members. Normally when an online forum suffers a data breach, its users have to be on their guard against attacks from cybercriminals and fraudsters who might try to exploit the leaked details.

Wall Street targeted by new Capital Call investment email scammers

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their accounts, have found a new tactic which attempts to swindle Wall Street firms out of significantly larger amounts of money. According to a newly published report by Agari, scammers are seeking to defraud Wall Street businesses and their customers out of US $809,000 on average per incident.

SolarWinds reports $3.5 million in expenses from supply-chain attack

SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. Further expenses were recorded by SolarWinds after paying for legal, consulting, and other professional services related to the December hack and provided to customers for free. SolarWinds supply-chain attack, the incurred expenses reported so far were recorded through December 2020.

CompuCom MSP confirms ongoing outage following malware incident

US managed service provider CompuCom has suffered a cyberattack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware. CompuCom is an IT managed services provider (MSP) that provides remote support, hardware and software repair, and other technology services to companies. CompuCom is a wholly-owned subsidiary of The ODP Corporation (Office Depot/Office Max) and employs approximately 8,000 people.

Ryuk ransomware develops worm-like capabilities, France warns

A new sample of Ryuk ransomware appears to have worm-like capabilities, according to an analysis from the French National Agency for the Security of Information Systems (ANSSI), France's national cybersecurity agency. With such worm-like self-replicating capabilities, Ryuk, one of the most prolific strains of ransomware in the world, can spread from machine to machine without any human interaction. The development presents only another challenge for security-minded researchers.

Qualys Confirms Unauthorized Access to Data via Accellion Hack

Hours after the Clop ransomware gang published data allegedly stolen from information security and compliance solutions provider Qualys, the company has confirmed being impacted by the recent cyberattack involving Accellion's FTA product. Founded in 1999, the California-based firm serves more than 10,000 customers in over 130 countries around the world, including many of the Forbes Global 100 companies.

BEC scammers are targeting investors for massive payouts

Business email compromise (BEC) scammers are utilizing a new type of attack targeting investors that could leverage payouts seven times greater than average. When an investor buys into a firm's investment fund, such as private equity or real estate fund, the firm may ask the investor to hold onto the money until they request it. This agreement allows an investor to keep their money in a more favorable investment to earn interest rather than sitting idle in an investment fund.

Scammers exploit COVID-19 vaccine confusion for fraud efforts

A confusing, chaotic rush to deliver COVID-19 vaccinations is making cyberspace a more fertile place for pandemic-related scams. Researchers at Barracuda Networks said on Thursday that vaccine-related spearphishing emails rose 26% from October to the end of January. That roughly coincides with the time Pfizer and Moderna announced vaccine availability, and represents a 12% uptick from the one-month period of October to November.

21 million free VPN users' data exposed

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data includes email addresses, randomly generated password strings, payment information, and device IDs belonging to users of three VPN apps: SuperVPN, GeckoVPN, and ChatVPN. The attacks, which have not been confirmed by the VPN developers.

  • ...in 1745, Revolutionary War general Casimir Pulaski, recognized as the father of the American cavalry, is born in Warsaw, Poland.
  • ...in 1789, the first Congress of the United States meets, putting the US Constitution into effect for the first time.
  • ...in 1922, F.W. Murnau's silent horror film "Nosferatu" (an early unauthorized adaptation of Bram Stoker's "Dracula") premieres in Berlin.
  • ...in 1977, the first ever CRAY 1 supercomputer is shipped to Los Alamos Laboratories in New Mexico.