WKYT reports: Scott County Schools has announced the district is a victim of a multi-million dollar online scam. The FBI is now investigating after Superintendent Dr. Kevin Hub said an undisclosed vendor told the district it never was paid for an invoice from two weeks ago. As the district investigated, it learned it fell victim…
Category: Phishing
Illinois dental insurer notifies members after phishing attack
Delta Dental is the largest dental plan system in the United States, composed of 39 member companies. Today, Delta Dental of Illinois disclosed a security incident affecting an unspecified number of their insured members and dependents. According to the notification signed by their CEO, they recently learned that an employee had fallen prey to a…
Google Moves Developers to OAuth to Help Prevent Phishing Attacks
Dennis Fisher reports: In an effort to cut off an avenue used in some phishing attacks, Google is planning to block authentication attempts from some apps that use embedded browser frameworks in the near future. The change is part of a broader initiative by the company to get a better handle on when and how…
Phishing threats results in safety measures from Ohio University
Abby Miller reports: Ohio University has implemented multiple safety measures in order to decrease the amount of phishing email attacks against OU faculty and students. The first security updates were implemented on March 9, which were a part of OU’s bigger plan to increase its security measures, according to its website. The changes were put…
Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People’s Republic
John Hultquist, Ben Read, Oleg Bondarenko, and Chi-en Shen of FireEye explain: In early 2019, FireEye Threat Intelligence identified a spear phishing email targeting government entities in Ukraine. The spear phishing email included a malicious LNK file with PowerShell script to download the second-stage payload from the command and control (C&C) server. The email was…
WA: RS Medical notifies patients because an attacker potentially had access to their information
On April 7, RS Medical disclosed an incident that had the potential to compromise patient information. A copy of the notification from the Vancouver, Washington entity, obtained by DataBreaches.net, indicates that the attacker may not have been particularly interested in patient information, though: The primary purpose of the breach, as determined by internal investigation, was…