Does Hallmark have a card suitable for this? Catalin Cimpanu reports: The creators of the GandCrab ransomware announced yesterday they were shutting down their Ransomware-as-a-Service (RaaS) operation, ZDNet has learned. […] “We successfully cashed this money and legalized it in various spheres of white business both in real life and on the Internet,” the GandCrab…
Category: Malware
Cyber attack could keep county servers down for days
Luzerne County’s administration has shut down some computer servers and work stations to address a cyber attack discovered last weekend, officials said. On Wednesday morning, county Administrative Services Division Head David Parsnik said the clean-up process may take several days to complete. By the afternoon, the administration sent workers an email indicating the servers may…
Checkers Drive-In Restaurants, Inc. Notifies Checkers and Rally Guests About Data Security Issue
TAMPA, Fla. May 29, 2019 /PRNewswire/ — Checkers Drive-In Restaurants, Inc. (“Checkers”) announced today that it is notifying guests about a data security issue involving malware at certain Checkers and Rally’s locations. After discovering the issue, Checkers quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law…
Hackers are scanning for MySQL servers to deploy GandCrab ransomware
Catalin Cimpanu reports: At least one Chinese hacking crew is currently scanning the internet for Windows servers that are running MySQL databases so they can infect these systems with the GandCrab ransomware. These attacks are somewhat unique, as cyber-security firms have not seen any threat actor until now that has attacked MySQL servers running on…
Google disables Baltimore’s Gmail accounts used during ransomware recovery over mistaken security concern
Ian Duncan reports on how your emergency backup might fail for reasons you didn’t anticipate, perhaps. Gmail accounts used by Baltimore officials as a workaround while the city recovers from a ransomware attack were disabled because the creation of a large number of new accounts in one place triggered Google’s automated security system, a spokesman…
Use of EternalBlue in attacks on the increase despite patch
Bradley Barth reports: Cyber-attacks leveraging the Windows Server Message Block exploit known as EternalBlue have reportedly reached historically high levels over the last few months, even though the vulnerability it affects was patched by Microsoft more than two years ago. In a 17 May blog post, ESET security evangelist Ondrej Kubovic said his company’s telemetry data…