Lorenzo Franceschi-Bicchierai reports: A 21-year-old from Virginia plead guilty on Friday to writing and selling custom spyware designed to monitor a victim’s keystrokes. Zachary Shames, from Great Falls, Virginia, wrote a keylogger, malware designed to record every keystroke on a computer, and sold it to more than 3,000 people who infected more than 16,000 victims…
Month: January 2017
Email account with patient information at U. Maryland doctors group hacked
Andrea K. McDaniels reports: A doctor’s practice plan affiliated with the University of Maryland School of Medicine has notified patients that somebody hacked the account of a physician assistant’s email account that contained the personal information of patients. The orthopedics practice at The University of Maryland Faculty Physicians Inc. mailed letters to about 1,500 patients…
Misconfigured Server Gives Insight Into Cerber Ransomware Operation
Catalin Cimpanu reports: Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation. A security researcher that only goes by the nickname of Racco42 discovered the vulnerability on Thursday, January 12. The issue affected only one Cerber server, not all,…
Summit Reinsurance Services breach affected 19,000
The Summit Reinsurance Services ransomware breach, noted previously on this site, is beginning to attract more attention. First State Update reports: As a result of multiple consumer complaints, the Delaware Department of Insurance has been made aware of a security breach, involving Summit Reinsurance Services, Inc. (“SummitRe”) and BCS Financial Corporation, both subcontractors of Highmark…
Need help because your MongoDB installation was hit by ransomware?
For the past week, this site has been providing updates on previous coverage about a wave of ransomware attacks hitting misconfigured MongoDB installations. New instances continue to be detected by researchers on a daily basis. The attacks have shown no geographic or sector boundaries – any MongoDB installation indexed by Shodan.io that had or has…
Affiliates able to access databases of ALL Hello Markets brands and CRM data in massive security breach
Andrew Saks-McLeod reports: When providing white label solutions to brands, as is the case of a number of smaller retail FX brokerages that either do not have the resources or the business direction to invest in their own servers and infrastructure, as well as the entire OTC binary options business, the security of data is…