Catalin Cimpanu reports: A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today. The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies…
Category: Commentaries and Analyses
Cybercriminals are using Google reCAPTCHA to hide their phishing attacks
Graham Cluley reports, “researchers at Barracuda say that they are seeing cybercriminals deploying Google’s reCAPTCHA anti-bot tool in an effort to avoid early detection of their malicious campaigns.” As the researchers explain, criminals are using reCAPTCHA walls to block the content of their phishing pages from being scanned by URL scanning services. Read more on Hot…
Zoom Gets Stuffed: Here’s How Hackers Got Hold Of 500,000 Passwords
Davey Winder reports: At the start of April, the news broke that 500,000 stolen Zoom passwords were up for sale. Here’s how the hackers got hold of them. More than half a million Zoom account credentials, usernames and passwords were made available in dark web crime forums earlier this month. Some were given away for…
Report Finds Ransomware Crews Don’t Leave After Being Paid
Organized crews of cybercriminals that attacked health care organizations and other critical services with ransomware this month kept their access to victims’ networks even after ransoms were paid, new research released by Microsoft Corp. says. In a blog post published Tuesday, Microsoft’s Threat Protection Intelligence Team said it had identified “dozens” of ransomware attacks in the…
U.S. Supreme Court Will Finally Weigh in on Scope of CFAA
Jason C. Gavejian, Joseph J. Lazzarotti and Maya Atrakchi of JacksonLewis write: The United States Supreme Court recently granted a petition for certiorari in Van Buren v. United States addressing the issue of whether it is a violation of the Computer Fraud and Abuse Act (“CFAA”) when an individual who is authorized to access information on a computer, accesses the same…
Data Breach Settlement Calls for Enhanced Security Measures
Marianne Kolbasuk McGee reports: A federal court recently granted final approval for an $8.9 million settlement of a class action lawsuit against Banner Health stemming from a 2016 data breach. The settlement spells out steps the Phoenix-based organization must take to improve information security. […] The amount that Banner Health has agreed to spend in…