Mehedi Hasan reports: Kasablanca, a hacker group, has targeted cyberattacks on at least six well-known Bangladeshi financial and government organisations, says the e-Government Computer Incident Response Team (e-Gov CIRT), the state organisation responsible for securing the country’s cyberspace. The organisations are Bangladesh Bank, Bangladesh Police, bKash, BRAC Bank, Islami Bank Bangladesh and Corona.gov.bd. The reason…
Category: Commentaries and Analyses
NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites
Hunton Andrews Kurth writes: On February 16, 2021, the New York Department of Financial Services (“NYDFS”) issued a Cyber Fraud Alert (the “Alert”) to regulated entities in light of a growing campaign to steal Nonpublic Information (“NPI”), as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance (“Instant Quote…
Inside a ransomware attack on a small trucking company
Nate Tabak reports: George got the email a week after the ransomware attack on the small trucking and logistics company he manages. It contained screenshots from within the firm’s transportation management system, or TMS, the digital nerve center that orchestrates the movement of trucks and freight. The hackers sent the screenshots among other stolen data….
Follow-up: Data from the Toledo Public Schools attack by Maze reportedly being misused
In September, DataBreaches.net reported that Maze threat actors claimed to have attacked an Ohio public school district, but the district was not responding to inquiries from this site about the claims. One month later, this site named the district as Toledo Public Schools and reported that while Maze had dumped files with student and employee…
FireEye and Accellion provide more details on attack
Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…
Amber Group breaks silence on unsecured storage bucket; NatSec minister suggests TechCrunch reporter may have violated CyberCrime Act
The Gleaner reports a follow-up on an unsecured storage server exposing personal information and COVID-related information of travelers to Jamaica. The exposed bucket was first reported by Zack Whittaker of TechCrunch on February 17: The storage server, hosted on Amazon Web Services, was set to public. It’s not known for how long the data was…