City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate

The city of West Haven, Conn. made the hard choice to pay cyberattackers a $2,000 ransom after being hit with malware that ground their operations to a halt. West Haven said that its City Hall offices were the victim of a ransomware attack, which the U.S. Department of Homeland Security determine...

Anthem, Apple and the Pentagon: A Data-Breach Cornucopia

Like pumpkin spice and turning leaves, data breaches have become a theme for the fall. This season is shaping up to be no exception, with Anthem, Apple and, worryingly, the Pentagon all making headlines in the last few days. It is, of course, part of the “new normal” as cyberattackers continue to...

Threats in the Netherlands

Introduction On October 4, 2018, the MIVD held a press conference about an intercepted cyberattack on the OPWC in the Netherlands, allegedly by the advanced threat actor Sofacy also known as APT28 or Fancy Bear, among others. According to the MIVD, four suspects were caught red handed trying to...

Malware on SHEIN Servers Compromises Data of 6.4M Customers

Email addresses and encrypted passwords of over 6.4 million SHEIN customers were stolen over the summer after the women’s retailer said it suffered a “concerted criminal cyberattack” on its computer network. The data breach occurred between June and August 2018, the company said in a recent...

NotPetya

Andy Greenberg wrote a fascinating account of the Russian NotPetya worm, with an emphasis on its effects on the company Maersk. BoingBoing post...

ThreatList: Financial Services Firms Lag in Patching Habits

Almost half 45 percent of financial services firms in a recent survey have reported a data breach in the last two years – with many of those attacks being completely avoidable if known vulnerabilities were patched. In a Ponemon Institute survey of nearly 3,000 cybersecurity professionals at...

Singapore's Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen

Singapore's largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary...

Singapore's Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen

Singapore's largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary...

Indian iPhone Spy Campaign Used Fake MDM Platform

Cyberattackers have used a bogus mobile device management MDM system to target a small – but presumably high-value – set of iPhones in India, in a cyberespionage campaign that has some unusual hallmarks. Researchers said Thursday that attackers deployed an open-source MDM – which is typically use...

Olympic Destroyer Returns to Target Biochemical Labs

Olympic Destroyer, the threat actor that caused a crippling sabotage attack on the networks supporting this year’s Winter Games in Pyeongchang, South Korea, has resurfaced with a spy campaign – and with a wider target range. The new campaign began last month and is ongoing, employing spear-phishi...

Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist

A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said...

This Week in Security News: HR and Heritage Hacks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the details of 92 million accounts for MyHertitage were discovered on a private server outside of the company. Also, companies using service...

1834: The First Cyberattack

Tom Standage has a great story of the first cyberattack against a telegraph network. The Blanc brothers traded government bonds at the exchange in the city of Bordeaux, where information about market movements took several days to arrive from Paris by mail coach. Accordingly, traders who could ge...

Mexico’s Banking System Sees $18M Siphoned Off in Phantom Transactions

Somewhere between $18 million to $20 million has gone missing during unauthorized interbank money transfers in Mexico’s central banking system. Authorities are investigating the shadow transactions, but answers are thus far scarce. The affected banks and government officials are determining wheth...

Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks

After a cyberattack shut down numerous pipeline communication networks this week, experts are stressing the importance of securing third-party systems in supervisory control and data acquisition SCADA environments. Over the past two days, various major U.S. pipelines across the country reported...

OlympicDestroyer is here to trick the industry

A couple of days after the opening ceremony of the Winter Olympics in Pyeongchang, South Korea, we received information from several partners, on the condition of non-disclosure TLP:Red, about a devastating malware attack on the Olympic infrastructure. A quick peek inside the malware revealed a...

ラピッド サイバー攻撃の一種、Petya の概要

本記事は、Microsoft Secure ブログ “Overview of Petya, a rapid cyberattack” 2018 年 2 月 5 日 米...

February 13, 2018 – Morning Cyber Coffee Headlines – “Abraham Lincoln” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! February 13, 2018 - Headlines Carbon Black in the News: MSSPs Wasting Time on...

‘Olympic Destroyer’ Malware Behind Winter Olympics Cyberattack, Researchers Say

Winter Olympics officials have confirmed that a cyberattack occurred during the games’ opening ceremony on Feb. 9, but are remaining mum on the source of the attack. Researchers say the attack employed malware, dubbed Olympic Destroyer, that was written with the sole intention of destroying...

Overview of Petya, a rapid cyberattack

In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya aka NotPetya attack. How Petya worked The Petya attack chain is well understood,...