Reuters reports: Ukraine accused an unnamed group of Russian hackers on Wednesday (Feb 24) of trying to disseminate malicious documents through a web-based system on which government documents are circulated, but did not say whether any damage was caused. Kyiv has previously accused Moscow of orchestrating large cyber attacks as part of a “hybrid war”…
Hackers have eye on 6 Bangladeshi organisations
Mehedi Hasan reports: Kasablanca, a hacker group, has targeted cyberattacks on at least six well-known Bangladeshi financial and government organisations, says the e-Government Computer Incident Response Team (e-Gov CIRT), the state organisation responsible for securing the country’s cyberspace. The organisations are Bangladesh Bank, Bangladesh Police, bKash, BRAC Bank, Islami Bank Bangladesh and Corona.gov.bd. The reason…
NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites
Hunton Andrews Kurth writes: On February 16, 2021, the New York Department of Financial Services (“NYDFS”) issued a Cyber Fraud Alert (the “Alert”) to regulated entities in light of a growing campaign to steal Nonpublic Information (“NPI”), as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance (“Instant Quote…
Inside a ransomware attack on a small trucking company
Nate Tabak reports: George got the email a week after the ransomware attack on the small trucking and logistics company he manages. It contained screenshots from within the firm’s transportation management system, or TMS, the digital nerve center that orchestrates the movement of trucks and freight. The hackers sent the screenshots among other stolen data….
Follow-up: Data from the Toledo Public Schools attack by Maze reportedly being misused
In September, DataBreaches.net reported that Maze threat actors claimed to have attacked an Ohio public school district, but the district was not responding to inquiries from this site about the claims. One month later, this site named the district as Toledo Public Schools and reported that while Maze had dumped files with student and employee…
FireEye and Accellion provide more details on attack
Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…