Lawrence Abrams reports: A new file wiping malware called Meteor was discovered used in the recent attacks against Iran’s railway system. Earlier this month, Iran’s transport ministry and national train system suffered a cyberattack, causing the agency’s websites to shut down and disrupting train service. The threat actors also displayed messages on the railway’s message boards…
Ransomware via a call centre? BazaCall means no email attachment or link required for infection
Graham Cluley writes: Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers. Microsoft has warned that fraudulent emails are being sent out, attempting to trick users into calling a phone number operated by a cybercrime group.
DOJ says SolarWinds hack impacted 27 state attorneys’ offices
Catalin Cimpanu reports: The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon.
Illinois AG Raoul Spends $2.5M On Ransomware Hack: Report
Jeff Arnold reports: Illinois Attorney General Kwame Raoul’s office spent more than $2.5 million for cybersecurity after a ransomware hack in April that put the personal data of an unknown number of residents at risk and came after federal authorities told him that his office’s cybersecurity systems were lacking. …. In the meantime, Raoul’s office…
RI treasurer sues Facebook, Zuckerberg over alleged financial losses due to data breach
Katie Mulvaney reports: The state retirement system is suing Facebook and its co-founder, Mark Zuckerberg, alleging that the social media giant and its leaders breached their financial duties in connection with the collection of private data of millions of users. “As Treasurer, my job is to stand up for the financial wellbeing of all Rhode…
Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves
Mathew J. Schwartz reports: The ransomware landscape constantly changes, which can make it difficult to track which attackers are coming, going or simply rebranding. One example is the DoppelPaymer – aka DopplePaymer – ransomware-as-a-service operation, which has gone relatively quiet since early May, posting no victims to its data leak site since May 6 and…