IT Security Newsletter - 04/02/2021

Breaches

Ransomware gang wanted $40 million in Florida schools cyberattack

Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that can not afford to pay them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. According to the Broward County Public Schools (BCPS) website, the school system is the sixth-largest in the USA, with nearly 261,000 students and approximately 110,000 adult students [...] READ MORE...


Kansas man indicted in connection with 2019 hack at water utility

A U.S. grand jury has indicted a 22-year-old man for allegedly hacking the computer system of a rural water utility in Kansas and shutting down processes that affect procedures for cleaning and disinfecting water. Federal prosecutors allege in an indictment unsealed Wednesday that Wyatt Travnichek logged into Ellsworth County Rural Water District's computer system in 2019 as part of an "unauthorized remote intrusion" that resulted "in the shut-down of the facility's processes." READ MORE...

Hacking

US DOJ: Phishing attacks use vaccine surveys to steal personal info

The US Department of Justice warns of phishing attacks using fake post-vaccine surveys to steal money from people or tricking them into handing over their personal information. Attackers promise potential victims cash or prizes for filling out the fake surveys. Instead, they only harvest the filled-out personally identifiable information to fuel fraud schemes involving identity theft. Consumers receive the surveys via email and text message and are told that, as a gift for filling out the survey. READ MORE...


Federal agencies given five days to find hacked Exchange servers

CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the scans following widespread exploitation of vulnerabilities, in fear that some compromises may have remained undetected. READ MORE...

Trends

Death, taxes, and hacks: How to prevent cyberattacks during tax season

Remember how folks did taxes in the olden days? They'd collect large piles of paper documents, fill out endless pages of forms, stuff a bunch of receipts in a shoebox and - after filing to the IRS - cross their fingers hoping they didn't forget something that would hold up the processing of the return. (If you're too young to recall any of this, just trust us - this happened regularly.) Filing tax returns electronically. READ MORE...

Software Updates

Android "System Update" malware steals photos, videos, GPS location

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps - it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data - but the infrastructure behind the malware obscures its developer's primary motivations. First spotted by the research team at Zimperium zLabs, the newly found malware is already detected by Malwarebytes for Android. It does not have a catchy name. READ MORE...

Malware

GitHub Arctic Vault likely has leaked MedData patient records

GitHub Arctic Code Vault has likely captured sensitive patient medical records from multiple healthcare facilities in a data leak attributed to MedData. The private data was leaked on GitHub repositories last year whose contributors carry the "Arctic Code Vault" badge. This means, these repositories could now be a part of a huge open-source repo collection bound to last a 1,000 years. READ MORE...


Robinhood Warns Customers of Tax-Season Phishing Scams

Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. Attackers have targeted customers of stock-trading broker Robinhood with a phishing campaign aimed to steal their credentials and spread malware using fake tax documents, the company has warned. Robinhood, which aims to make it easy for people to trade stocks online but has faced a number of regulatory and legal challenges along the way. READ MORE...

Information Security

Biden's cyber executive order to include new rules for federal agencies, contractors

Under a forthcoming White House order, companies that do business with the federal government would have to meet software security standards and swiftly report cyber incidents to a new entity within the Department of Homeland Security, sources familiar with a draft version of the document said. The order, which could be made public in a matter of weeks, is meant to improve the government's ability to detect, coordinate, respond to and investigate cybersecurity incidents. READ MORE...


Molson Coors Cyberattack, Storms Could Cost Company $140 Million

Cyber Incident and Texas Storms Will Delay Between 1.8 and 2.0 Million Hectoliters of Beer Production and Shipments. Brewing giant Molson Coors said that a disruptive cyberattack, combined with winter storms in Texas, could cost the company upwards of $140 million in short-term EBITDA. The maker of popular beer brands in the U.S., including Coors Light, Miller Lite, Molson Canadian, Blue Moon, Carling, Coors Banquet, and others. READ MORE...

Exploits/Vulnerabilities

Mobile providers exposing sensitive data to leakage and theft

Data exposure is a significant, unaddressed problem for Europe's top mobile providers and, by extension, more than 253 million customers who sign up for their services and share sensitive personal data, according to research by Tala Security. Mobile providers are exposing sensitive data: Sensitive data is at significant risk via form data exposure: Forms used to capture credentials, banking details, passport numbers, etc., are exposed to an average of 19 third-parties. READ MORE...

Encryption

Encrypted method that measures encounters could slow down or prevent future pandemics

When you bump into someone in the workplace or at your local coffee shop, you might call that an "encounter." That's the scientific term for it, too. As part of urgent efforts to fight COVID-19, a science is rapidly developing for measuring the number of encounters and the different levels of interaction in a group. At the National Institute of Standards and Technology (NIST), researchers are applying that science to a concept they have created called "encounter metrics." READ MORE...

Science & Culture

FDA slams "Real Water" linked to liver failure, water plant manager MIA

A lawyer for the water company said it can't find its plant manager or lead technician. The Food and Drug Administration on Wednesday admonished Nevada-based company Real Water for being uncooperative in a multi-state health investigation linked to its "alkalized" water products. The company is accused of poisoning its customers, causing acute liver failure and other serious health problems in adults, children, and pets. READ MORE...

On This Date

  • ...in 1889, inventor Charles M. Hall is given a patent for his method of extracting aluminum, allowing for large-scale production.
  • ...in 1917, President Woodrow Wilson asks Congress for a declaration of war on Germany and the U.S. enters WWI.
  • ...in 1941, radio host Barret Eugene Hansen, AKA "Dr. Demento," who introduced generations of listeners to classic novelty and comedy records, is born in Minneapolis, MN.
  • ...in 1947, country singer/songwriter Emmylou Harris ("Together Again", "Sweet Dreams") is born in Birmingham, AL.