What occurred this week? Lots of cybersecurity information! We all know it’s exhausting to maintain up with the ever-changing information cycle, so we gathered this week’s greatest tales and broke them down into bite-sized reads. Take a read-through of this week’s VIPRE Weekly Roundup!
Texas Authorities Entities Hit by Coordinated Ransomware Assaults (VIPRE)
Final week the Texas Division of Info Assets (DIR) knowledgeable most people that 22 native entities inside the state had been hit by coordinated ransomware assaults. Little or no info on the assault is at present accessible to the general public. What is understood is that many of the entities had been smaller, they imagine it originated from a single level of entry (most definitely a MSP), and proof continues to level to a single risk actor. What stays to be seen is that if the Governor of Texas, Greg Abbott, will ever make a press release regarding the assault [READ FULL ARTICLE…]
State Officers Beg Congress for Extra Election Safety Funding (The Hill)
The secretaries of state for each Connecticut and Louisiana referred to as on Congress final Thursday to applicable extra funding to spice up election safety heading into 2020. Whereas talking at a discussion board hosted by the Election Help Fee (EAC), each state secretaries (every from each main political events) mentioned that further federal funding is the easiest way Congress may help states shore up election safety and thrust back cyberattacks. [READ FULL ARTICLE…]
Google and Mozilla Transfer to Cease Kazakhstan ‘Snooping’ (BBC Information)
Reviews of web service suppliers within the nation of Kazakhstan have surfaced through which individuals are required to put in a government-issued certificates on all units and in each browser. Whereas the federal government has touted the software program as a safety measure, Google and Mozilla imagine it serves a unique function. Google and Mozilla make two of the web’s hottest browsers and imagine the Kazakh software program to be a snooping device that will enable the federal government to decrypt and skim something a person sorts or posts. Add this on to the poor human rights document Kazakhstan holds by worldwide requirements. [READ FULL ARTICLE…]
Microsoft Warns of Phishing Assaults Utilizing Customized 404 Pages (Bleeping Pc)
Microsoft safety researchers found an uncommon phishing marketing campaign which employs customized 404 error pages to trick potential victims into handing out their Microsoft credentials. To do that, the attackers register a site and as an alternative of making a single phishing touchdown web page to redirect their victims to, they configure a customized 404 web page which exhibits the pretend login kind. This can enable phishers to have an infinite quantity of phishing touchdown pages URLs generated with the assistance of a single registered area. [READ FULL ARTICLE…]
European Central Financial institution Confirms Web site Hack and Information Breach (Graham Cluley)
The central financial institution of 19 European international locations which have adopted the euro, The European Central Financial institution (ECB), has shut down a compromised web site after it found that hackers had planted malware to steal info from e-newsletter subscribers. A press launch by the ECB admits that subscribers to the Banks’ Built-in Reporting Dictionary e-newsletter had their e mail addresses and different contact particulars stolen after hackers efficiently contaminated malware onto webpages hosted by an exterior supplier. Luckily, the ECB claims that passwords weren’t stolen. [READ FULL ARTICLE…]
Hackers Use Google Drive Phishing Marketing campaign to Goal Power Sector (MSSP Alert)
Cybercriminals not too long ago launched a Google Drive-based credential phishing marketing campaign in opposition to an vitality firm. They leveraged Google Drive to bypass the e-mail safety stack of the corporate and attain end-users. In the course of the phishing marketing campaign, hackers despatched an e mail to vitality firm workers by way of Google Drive. The e-mail seemed to be despatched on behalf of the corporate’s CEO however got here from an e mail handle that didn’t fall inside the enterprise’ typical e mail naming conventions. Moreover, the hyperlink inside the e mail physique linked to an precise Google Drive share; this ensured the e-mail was marked as “non-malicious” by e mail safety instruments. [READ FULL ARTICLE…]
Microsoft Contractors Listened to Xbox Homeowners in Their Properties (VICE)
Contractors working for Microsoft have listened to audio of Xbox customers talking of their properties to enhance the console’s voice command options. The audio was presupposed to be captured following a voice command like “Xbox” or “Hey Cortana,” however contractors mentioned that recordings had been typically triggered and recorded by mistake. This information is the newest in a string of revelations that present contractors engaged on behalf of Microsoft take heed to audio captured by a number of of its merchandise. [READ FULL ARTICLE…]
Hackers Use Faux NordVPN Web site to Ship Banking Trojan (BleepingComputer)
The attackers who beforehand breached and abused the web site of free multimedia editor VSDC to distribute the Win32.Bolik.2 banking Trojan have now switched up their ways. They’re now creating web site clones to ship banking Trojans onto unsuspecting victims’ computer systems. This enables them to concentrate on including capabilities to their malicious instruments as an alternative of losing time by making an attempt to infiltrate the servers and web sites of official companies. [READ FULL ARTICLE…]
US Mayors Vow to No Longer Pay Ransoms to Hackers (VIPRE)
After seeing 22 ransomware assaults happen inside simply the primary half of 2019 alone, a group of US mayors have had sufficient. The US Convention of Mayors unanimously adopted a decision to not pay any extra ransom calls for made by risk actors following ransomware infections. There appears to be no finish in sight for ransomware assaults in opposition to municipal governments with ransomware funds up 184% from Q1 of 2019. Many don’t imagine it will assist as municipalities who don’t have correct cybersecurity measures in place are left footing a even bigger invoice. [READ FULL ARTICLE…]
Did you miss final week’s VIPRE Weekly Roundup? Yow will discover it by clicking right here.
The publish VIPRE Weekly Roundup: August 23, 2019 appeared first on VIPRE.