You know it’s a bad week when the scam of the week involves professional sports teams’ social media accounts getting hacked. From SC Magazine, “According to multiple news sources, the hackers compromised the NFL’s league Twitter and Facebook account, as well as social media accounts belonging to the Buffalo Bills, Arizona Cardinals, Chicago Bears, Cleveland Browns, Dallas Cowboys, Denver Broncos, Green Bay Packers, Houston Texans, Indianapolis Colts, Kansas City Chiefs, Los Angeles Chargers, Minnesota Vikings, New York Giants, Philadelphia Eagles, San Francisco 49ers and Tampa Bay Buccaneers.” A lot of teams lost this week…and they didn’t even play.
Sometimes the scam of the week involves eavesdropping. Such was the case this week when it was discovered that “A vulnerability in the Zoom online meeting system could allow attackers eavesdrop on meetings and view all shared content. Zoom is a platform that provides video conferencing with real-time messaging and content sharing.”
The real cause of the problem? The Zoom meeting didn’t require a password to attend. Pretty simple fix.
New day, new phishing tactics. What’s the latest tactic? HTML redirectors. From SC Magazine, “The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware.”
“Recipients of the phishing emails who opened the HTML redirector would end up downloading an Excel file that drops the main payload once the malicious macro was enabled. This is a new tactic for TA505, which previously would simply directly attach the malware to use a malicious URL.”
What better way to phish somebody than to send a malicious email from a trusted source like Spamhaus. Spamhaus Project is an organization that creates spam block lists that mail servers can utilize to block known spammers from sending emails to recipients in their organization.
According to an article on Bleeping Computer, “A new phishing campaign distributing malware pretends to be from the Spamhaus Project warning that the recipient’s email address has been added to a spam block list due to sending unsolicited email. These emails state that the recipient must Urgently Take Action because their email address has been added to the Spamhaus Block List (SBL) and will be blacklisted on mail servers unless they follow the instructions found at a listed URL.” And of course the embedded link points to a malicious website.
Apparently, some gambling is riskier than others, which a group of gamblers unfortunately found out the hard way. According to the Verdict, “A malicious hacker gained access to the employee emails of slot machine operator Golden Entertainment, with one email, which the hacker may have accessed, containing a wealth of customer personal data.” In other words, gamblers’ data.
What data was compromised? Not much. Just social security numbers, passport numbers, driver’s license numbers, medical data, payment card details, dates of birth, usernames and passwords. Talk about a bad beat.
Ashley Madison Threat
That’s right—these guys are getting victimized twice from one data breach. “The target receives an email threatening to share their Ashley Madison account, along with other embarrassing data, with family and friends on social media and via email. The aim is to pressure the recipient into paying a Bitcoin ransom.” Ouch.
You’d think after one data breach, LabCorp, one of the largest clinical laboratory network operators, would lock down their security so that it doesn’t happen again. And you’d be wrong.
According to SC Magazine, “LabCorp suffers second data incident, patient PHI potentially exposed. TechCrunch research found about 10,000 documents could be exposed in this manner which contained a large amount of PHI on each patient including Social Security numbers and test results. This is the second data incident LabCorp has been involved with within the last seven months. In June the company reported 7.7 million of its customers were part of the American Medical Collection Agency (AMCA) data breach.”
And that’s the week that was.