Joseph N. DiStefano reports: Wawa, the Delaware County-based convenience store and gas station chain, paid $10.7 million last year linked to a 2019 breach of its customer payment security systems. But now it wants that money back — and more. On Monday in federal court in New York, Wawa sued Mastercard, the giant payment-card network,…
Category: Malware
REvil ransomware group’s infrastructure comes back online hinting at fresh campaign
Connor Jones reports: ….. Some researchers noted the return of REvil’s ‘happy blog’ – the place where it announced its hacks – on 19 April, returning an Nginx 404 error. Others said the signs of a return started as far back as December, one month after law enforcement made the original arrests of the gang members. Using the…
Unified Government of Wyandotte County and Kansas City Hit by Cybersecurity Attack Over Holiday Weekend
Seen at http://wycokck.org/: Published on April 19, 2022 UPDATE ON SERVICE IMPACTS: WEDNESDAY, APRIL 20, 2022 The Unified Government has been working through a comprehensive assessment of the impact of the recent cybersecurity attack on our systems and services. Work to restore services is underway. As of this afternoon, the following services are impacted: Appraiser’s…
Russian state hackers hit Ukraine with new malware variants
Bill Toulas reports: Threat analysts report that the Russian state-sponsored threat group known as Gamaredon (a.k.a. Armageddon/Shuckworm) is launching attacks against targets in Ukraine using new variants of the custom Pteredo backdoor. Gamaredon has been launching cyber-espionage campaigns targeting the Ukrainian government and other critical entities since at least 2014. Read more at BleepingComputer.
Joint Cybersecurity Advisory: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
From the Summary: The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020….
Learning Opportunities from Ransomware and Redline Infostealer Events Inside America’s Universities
Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…