Catalin Cimpanu reports: Hackers have breached analytics service Picreel and open-source project Alpaca Forms and have modified JavaScript files on the infrastructure of these two companies to embed malicious code on over 4,600 websites, security researchers have told ZDNet. The attack is ongoing, and the malicious scripts are still live, at the time of this…
Category: Malware
Two years after WannaCry, a million computers remain at risk
Zack Whittaker reports that two years after WannaCry ransomware started rapidly spreading around the world causing chaos, the threat posed by leaked NSA tools remains a concern: As many as 1.7 million internet-connected endpoints are still vulnerable to the exploits, according to the latest data. Data generated by Shodan, a search engine for exposed databases…
Crippling ransomware attacks targeting US cities on the rise
Kevin Collier reports: Targeted ransomware attacks on local US government entities — cities, police stations and schools — are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems. The tally by cybersecurity firm Recorded Future — one of the first efforts to…
25,148 patients served by Southeastern Council on Alcoholism and Drug Dependence notified of ransomware incident
Here’s yet another ransomware incident in which investigators couldn’t really determine whether ePHI were actually accessed, so the entity notified HHS and is notifying patients. In this case, we are dealing with what could be treatment information for more stigmatizing conditions such as alcoholism or addiction. According to their report to HHS, 25,148 patients are…
Augustana Colleges reports a ransomware attack
Add Augustana College to the list of educational institutions getting hit by ransomware. You can read their notification here, although it’s not clear from the notice whether it was student data, employee data, or both that was on the affected server. Nor is it clear how many people had data on the server in question….
Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
Swati Khandelwal reports: Researchers from Chinese cybersecurity firm Qihoo 360’s NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain, www.magento-analytics[.]com, for over last seven months, researchers found that the attackers have been injecting…