New Attack Abused Windows Error Reporting Service to Evade Detection
Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute ... Read More
30 Ransomware Prevention Tips
Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. But paying the ransom doesn’t mean that your organization will get its affected data back. Let’s not forget that ransomware also continues to evolve as ... Read More
Ransom Payments Could Result in Civil Penalties for Ransomware Victims
Victims of ransomware attacks could potentially receive civil penalties for making ransom payments to a growing list of threat actors. On October 1, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) revealed that it could choose to impose civil penalties on ransomware victims who make ransom ... Read More
Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks
A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin, 32, of Russia to 88 months in prison. This decision marked ... Read More
Bitcoin Exchange Owner Convicted for Role in Web Auction Fraud Scheme
A federal jury convicted the owner of a bitcoin exchange for his role in a multi-million dollar scheme involving online auction fraud. On September 28, a federal jury in Frankfort, Kentucky found Bulgarian national Rossen Iossifov, 53, guilty of one count of conspiracy to commit racketeering and one count of ... Read More
Tyler Technologies Reveals Ransomware Affected Some Internal Systems
Tyler Technologies, Inc., revealed it suffered a ransomware attack that disrupted access to some of its internal systems. On September 26, Tyler Technologies published a statement on its website in which it disclosed that it had detected a security incident involving its phone systems and internal corporate network. The bulletin ... Read More
Mount Locker Ransomware Demanding Ransom Payments in the Millions
A new ransomware strain called “Mount Locker” is demanding that victims pay multi-million dollar ransom payments to recover their data. According to Bleeping Computer, the ransomware first began making the rounds in July 2020. The malicious actors responsible for this threat took a cue from other crypto-malware gangs by stealing ... Read More
Computer Programmer Pleads Guilty to Lying about Silk Road Involvement
A computer programmer pleaded guilty to making false statements about his involvement with the Silk Road underground web marketplace. On Setpember 21, Michael R. Weigand (also known as “Shabang”) surrendered himself and told U.S. District Judge William H. Pauley III that he had lied to federal investigators about his work ... Read More
Shopify Discloses Security Incident Involving Some Merchants’ Data
Canadian multinational e-commerce company Shopify disclosed a security incident that involved the information of some of its merchants. On September 22, Shopify published an incident update on its website. This bulletin explained that “two rogue members” of the company’s support team had attempted to obtain the customer transaction records of ... Read More
Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs
Scammers are impersonating governmental departments within the State of Texas to send out fake Requests For Quotations (RFQs). On September 21, Abnormal Security revealed that it had spotted an attack email that impersonated the Texas Department of State Health Services. Scammers used spoofing techniques to camouflage the sender address as ... Read More
