Katie Donegan reports: Attackers are playing the long game. Their newest phishing adaption is a product of monthslong intelligence gathering and social engineering — and it’s already being put into action. Dubbed evasive spear phishing, this new category of email security threat was discovered by investigating more than 25 million email attachments. Detailed in a…
Category: Commentaries and Analyses
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
Symantec reports: A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. The group, which we are calling Tortoiseshell, has been active since at least July 2018. Symantec…
Schumer calls for federal response to school cyberattacks
Justin Murphy reports: Sen. Charles Schumer, D-N.Y., called on Congress and the FBI on Wednesday to help school districts and other local government bodies threatened by increasingly common and sophisticated cyberattacks. The issue has put school districts across New York on guard, particularly after the Syracuse City School District was hit with ransomware this year. The district paid a $50,000…
Gootkit malware crew left their database exposed online without a password
Catalin Cimpanu reports: The criminal gang behind the Gootkit malware has made the same mistake that thousands of legitimate companies have made before them in the past years — they left MongoDB databases connected to the internet without a password. The leak allowed security researcher Bob Diachenko to download all group’s data and gain an…
The New Target That Enables Ransomware Hackers to Paralyze Dozens of Towns and Businesses at Once
Renee Dudley of ProPublica reports: On July 3, employees at Arbor Dental in Longview, Washington, noticed glitches in their computers and couldn’t view X-rays. Arbor was one of dozens of dental clinics in Oregon and Washington stymied by a ransomware attack that disrupted their business and blocked access to patients’ records. But the hackers didn’t…
Discqus and Kickstarter hacker warns against password reuse
Catalin Cimpanu reports: A hacker who made a fortune by breaking into people’s accounts and posting spam on their behalf is now warning users against password reuse. Kyle Milliken, a 29-year-old Arkansas man, was released last week from a federal work camp. He served 17 months for hacking into the servers of several companies and…