Worried that your security certificate is out of date? You should be, but not because it’s out of date, but because the notice you get informing you it’s out of date is a scam.
From SC Magazine, “Cybercriminals have been compromising websites to display a fake security certificate error message in hopes of tricking visitors into downloading the Mokes backdoor or the Buerak downloader. The fake notification is delivered via a malicious iframe. The iframe matches the size of the victimized webpage and perfectly overlaps the original content. The URL bar still displays the correct address, so visitors are less likely to become suspicious.” Damn.
Ransomware Attack at Polic Dept
There used to be a time that if you wanted to get out of jail, you had to do it the old-fashioned way by jumping over the fence. Not anymore. From KnowBe4, “Last year, the police department in Stuart, FL was hit with a ransomware attack. The ripple effect of this attack is still being felt as the evidence in 11 cases was a part of the data held for ransom and was unrecoverable. The result of this was US prosecutors being forced to drop 11 narcotics cases against six suspected drug dealers – with no evidence, there is no case.”
The crazy thing is, this isn’t the first time this has happened. “This is reportedly the seventh incident of its kind, where ransomware has had impacts on cases.” I know what I’m doing if I ever get arrested.
It’s no secret that today the items most at risk to cyber threats are mobile devices. People spend the most time on them, so hackers spend the most time trying to compromise them. It all makes sense.
Today comes a story from Help Net Security about the most active threat to mobile devices: the hidden app. “Hidden apps take advantage of unsuspecting consumers in multiple ways, including taking advantage of consumers using third-party login services or serving unwanted ads. There exists a growing trend for many apps to remain hidden, stealing precious resources and important data from the device that acts as the remote control to consumers’ digital world.” It’s hard to stop what you can’t see.
One of the things hackers do really well is come up with countermoves to security defenses. Case in point, from KnowBe4, “Researchers at Quick Heal Security Labs discovered a new strain of the Mailto ransomware that uses a novel way to disguise itself to evade detection and stay invisible for Antivirus products.” You install antivirus software, the hackers come up with a way to bypass it.
The bad news? There may not be a cure for this yet. “Mailto ransomware is still being analyzed and it is not yet known if there are any weaknesses in its encryption algorithm that could be used to decrypt locked files for free.” Stay tuned.
The good news for the city of Cartersville, GA? When they were struck with a ransomware attack last year, they paid the ransom and “The attackers did deliver the decryptor keys necessary to regain access about 48 hours after the payment was made and all systems were operational soon thereafter.” The bad news? The decryptor keys cost a whopping $380,000.
If there’s a silver lining, it’s that “the initial ransom demand was for $2.8 million, payable in bitcoin, and that the city’s insurance paid the majority of the cost.” So, they’re good negotiators and they were smart enough to buy insurance. Still, I can’t help but think that buying anti-phishing software for all their employees would have been way cheaper.
J. Crew Phishing Attack
It’s not the first online retailer to be hit and it probably won’t be the last. J.Crew, the seller of casual clothes for men and women, notified “a group of customers that an unauthorized third-party accessed their accounts nearly a year ago using their login credentials and obtained personal information, including the last four digits of payment card numbers, expiration dates, card types and billing addresses as well as order numbers, shipping confirmation numbers and shipment status.”
Did it really take a year to tell their affected customers? Yep. “Because J. Crew didn’t reveal the attack publicly until almost a year after it occurred, Knudsen said hackers may have already used the information in other attacks.” It’s one thing to get your customers’ information hacked. It’s quite another to not tell them for a year. Shame on you J. Crew.
Data Breaches at Healthcare Companies
Ever wonder how bad data breaches have gotten at healthcare companies? Now we know. According to an article on Digital Munition, “54% of healthcare vendors have experienced a data breach of protected health information.” That’s not the really shocking part.
“Of those 54 percent of respondents, 41 percent experienced six or more data breaches over the past two years. The average breach costs $2.75 million and exposes nearly 10,000 records. Many of the vendor respondents believe that healthcare providers do not fully embrace risk assessments to accurately measure and manage third-party risk.” Do you think?
And that’s the week that was.