667 matches found
N.J.'s Largest Hospital System Pays Up in Ransomware Attack
New Jersey’s largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes and outpatient...
Maze Ransomware Behind Pensacola Attack, Data Breach Looms
The Maze ransomware is likely the culprit behind the recently reported cyberattack on Pensacola, Fla. that occurred earlier this week, which downed systems citywide. In an email sent to county commissioners, IT administrators said that the Florida Department of Law Enforcement said that the...
Threat Source newsletter (Dec. 12, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re entering our Year in Review period. Now’s the time to look back on the top stories from 2019 and think about what we learned. In t...
Cyberattack Downs Pensacola's City Systems
The city of Pensacola, Fla., said it has been hit by a cyberattack that shut down the city’s computer networks and affected its systems. The attack occurs just days after a shooting occurred Friday at U.S. military base Naval Air Station Pensacola, leaving three dead. Pensacola’s mayor, Grover...
Explained: juice jacking
When your battery is dying and you're nowhere near a power outlet, would you connect your phone to any old USB port? Joyce did, and her mobile phone got infected. How? Through a type of cyberattack called "juice jacking." Don’t be like Joyce. Although Joyce and her infected phone are hypothetical...
Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware
What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets. The latest supply-chain cyberattack was revealed on Monda...
Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks
The popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. While the company didn’t specify what kinds of potential attacks...
CVE-2012-1109
mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing iferror magic functions...
A week in security (November 4 – November 10)
Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity new...
What’s So Dangerous About Spear Phishing?
Spear phishing is one of the most common and most effective cyberattack vectors seen today. Delivered through email, spear phishing campaigns aim either to infect devices with malware, or to steal important information—like credentials and bank numbers. Spear phishing is targeted at specific grou...
Presentation Template: Build Your 2020 Security Plan
As the end of the year approaches, security decision makers are creating their 2020 plans and running them by management for approval. In most cases, this means requesting and making the case for the necessary resources that need to be allocated, while still providing value to the organization. T...
Solar, Wind Power Utility Disrupted in Rare Cyberattack
A cyberattack on the U.S. energy grid has just come to light, so to speak, which disrupted plant visibility at Utah-based sPower back in March. sPower, a Utah-based wind and solar provider, began experiencing a series of lost connections between its main control center and remote power-generation...
Insurance Pays Out a Sliver of Norsk Hydro's Cyberattack Damages
On the heels of a severe cyberattack, aluminum giant Norsk Hydro has received only $3.6 million in cyber-insurance – just a fraction of the total costs in damage. Overall, the Oslo, Norway-based company incurred between $60 million to $71 million in damages from the incident, which forced it to...
Hackers Target Indian Nuclear Power Plant – Everything We Know So Far
A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage...
Hackers Target Indian Nuclear Power Plant – Everything We Know So Far
A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage...
City of Johannesburg, on Second Hit, Refuses to Pay Ransom
The city of Johannesburg, South Africa, is refusing to pay a ransom of four Bitcoins to a hacker group who accessed the city’s network and stole sensitive data, threatening to release it if the ransom wasn’t paid. It’s the second time in several months that the city has been hit with a cyberattac...
Country of Georgia Suffers Widespread Cyberattack
A cyberattack hit the small country of Georgia, Monday, knocking 2,000 websites as well as the national TV station offline in the largest cyberattack the nation has ever seen. The relatively unsophisticated defacement attack—which replaced normal functionality with an image of former Georgian...
Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise
Microsoft Threat Experts is the managed threat hunting service within Microsoft Defender Advanced Threat Protection ATP that includes two capabilities: targeted attack notifications and experts on demand. Today, we are extremely excited to share that experts on demand is now generally available a...
Celebrate Cybersecurity Awareness Month with These Tips From a Survey of 1,200 Security Pros
Held every October, National Cybersecurity Awareness Month NCSAM is a collaborative effort between government and industry meant to raise awareness about the importance of cybersecurity. NCSAM is focused largely on consumer awareness, but for cybersecurity leaders, it is also a great opportunity ...
Details of the Olympic Destroyer APT
Interesting details on Olympic Destroyer, the nation-state cyberattack against the 2018 Winter Olympic Games in South Korea. Wired's Andy Greenberg presents evidence that the perpetrator was Russia, and not North Korea or China...