Category Archives: Financial

Molson Coors says cyberattack disrupted beer brewing

Posted on by

Molson Coors confirmed in a regulatory filing on Thursday that it suffered a cyberattack that disrupted its beer production, and it may not be out of the woods yet. “Although the Company is actively managing this cybersecurity incident, it has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments,” the company said in a Securities and Exchange Commission disclosure. The SEC filing also said that Molson Coors had contacted “leading forensic information technology firms and legal counsel” and was “working around the clock” to restore full operations. The company reported net sales of nearly $12 billion in 2020, and is one of the largest beer brewers in the U.S. The company was remarkably vague. It didn’t say what kind of attack, where it happened, which systems were affected or when it began. Local media near a […]

The post Molson Coors says cyberattack disrupted beer brewing appeared first on CyberScoop.

Continue reading Molson Coors says cyberattack disrupted beer brewing

FIN8 cybercrime group resurges with improved hacking tool

Posted on by

A financially-motivated hacking group that appeared to drop off the map a year-and-a-half ago is back with a new and improved backdoor, according to BitDefender research published Wednesday. Over the last year the criminal hacking group, known as FIN8, has primarily targeted companies in retail, technology, chemical and insurance industries with its updated point-of-sale malware, and has compromised organizations in the U.S., Canada, South Africa, Puerto Rico, Panama and Italy, according to the research. FIN8, which FireEye researchers first observed in operation in 2016, has historically targeted organizations in the retail, restaurant and hospitality industries with emails containing malicious Microsoft Word documents. The updated backdoor, known as BADHATCH, has incorporated screen capturing, proxy tunneling and fileless execution, the researchers write. The backdoor has also likely added in credential-stealing capabilities, according to the research. BitDefender does not identify which organizations have been compromised. An earlier version of BADHATCH, which researchers at […]

The post FIN8 cybercrime group resurges with improved hacking tool appeared first on CyberScoop.

Continue reading FIN8 cybercrime group resurges with improved hacking tool

Is Congress finally ready to pass meaningful ransomware legislation?

Posted on by

During the entire last two-year session of Congress, lawmakers only signed one bill law that mentioned the word “ransomware.” With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legitlation. “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.” In one recent incident, a Mississippi public school system revealed it had paid $300,000 to ransomware attacks, while a U.S. medical company, Universal Health Services, said it lost $67 million as a result of […]

The post Is Congress finally ready to pass meaningful ransomware legislation? appeared first on CyberScoop.

Continue reading Is Congress finally ready to pass meaningful ransomware legislation?

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

Posted on by

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affacted Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.

Continue reading Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

Spanish cops arrest four in ‘FluBot’ text hacking scheme

Posted on by

Police in Barcelona have arrested four hackers suspected to be behind a massive criminal scheme which has targeted tens of thousands of victims with malicious links impersonating banks in order to steal victims’ credentials and money. In the raid, which took place March 2, the police collected laptops, cash, documents, and other high-end mobile devices, the Criminal Investigation Division of the Barcelona Metropolitan Police Region said in an announcement. The scammers’ plot included sending bad links through SMS messages to victims, which, if clicked, would direct targets to fake pages imitating banking pages or mobile operators, where the hackers would then steal victims’ credentials and duplicate the victims’ SIM cards to take control of the victims’ phones, according to the release. The attacker-controlled sites were hosted on servers located in the Cayman Islands, according to law enforcement. The hackers would then make fraudulent money transfers with their newfound access and […]

The post Spanish cops arrest four in ‘FluBot’ text hacking scheme appeared first on CyberScoop.

Continue reading Spanish cops arrest four in ‘FluBot’ text hacking scheme

Suspected Iranian hackers snooping on Middle Eastern targets anew

Posted on by

Hackers connected to Iran are on the loose again in the Middle East, instigating an apparent espionage campaign in five countries, Trend Micro said on Friday. The company concluded with moderate confidence that the MuddyWater hacking group, whose interests tend to align with the Iranian government’s, is behind the campaign. It’s an ongoing spearphishing effort aimed at government agencies, academia and the tourism industry in Azerbaijan, Bahrain, Israel, Saudi Arabia and the United Arab Emirates, according to Trend Micro. The research confirms research from Anomali in February, and expands the range of named targets. MuddyWater has a history of going after Middle Eastern government agencies and academia along with a range of industries, and it has a reputation for persistent spy work. What’s different about this campaign, though, is that it doesn’t exhibit the usual competence MuddyWater has demonstrated, Trend Micro said. “While it possesses remote access capabilities, the attackers […]

The post Suspected Iranian hackers snooping on Middle Eastern targets anew appeared first on CyberScoop.

Continue reading Suspected Iranian hackers snooping on Middle Eastern targets anew

BEC scammer infects own device, giving researchers a front-row seat to operations

Posted on by

In some media portrayals, criminal and state-backed hackers are invariably depicted as cunning and sophisticated, gliding inexorably toward their latest data heist. Reality is murkier. These digital operatives are, of course, human and prone to mistakes that expose their activity. A North Korean man accused of hacking Sony Pictures Entertainment in 2014, for example, mixed his real identity with his alias in registering online accounts, making it easier for U.S. investigators to track him. The most recent example of bumbling digital behavior occurred when a scammer infected their own device, offering researchers a front-row seat to the attacker’s scheme and lessons  in how to defend against it. “This is a big failure in their operational security as it gives us direct insight into some of the attacker’s tactics and operation,” said Luke Leal, a researcher at web security firm Sucuri, which made the discovery. The attacker was trying to carry […]

The post BEC scammer infects own device, giving researchers a front-row seat to operations appeared first on CyberScoop.

Continue reading BEC scammer infects own device, giving researchers a front-row seat to operations

Army warns of QR code scams amid pandemic

Posted on by

Quick response codes, or QR codes, may be easy and convenient to use to read menus at restaurants during the pandemic or to enable touch free mobile payments — but the Army now warns that criminals can exploit QR codes to connect phones to run scams. When smart phones scan a QR code, which is made up of black and white dots arranged in a square, the code will typically open up a browser or enable a payment to a business. Users should also be wary of cybercriminals who may try to use QR codes to steal users’ money, the Army Criminal Investigation Command’s Major Cybercrime Unit said in the alert, issued earlier this week. Scams could also include connecting devices that scan QR codes to a malicious network and sending texts or making calls to users’ contacts or adding malicious contacts to the contact list, the Army alert warned.  Eighty-four […]

The post Army warns of QR code scams amid pandemic appeared first on CyberScoop.

Continue reading Army warns of QR code scams amid pandemic

Scammers exploit COVID-19 vaccine confusion for fraud efforts

Posted on by

A confusing, chaotic rush to deliver COVID-19 vaccinations is making cyberspace a more fertile place for pandemic-related scams. Researchers at Barracuda Networks said on Thursday that vaccine-related spearphishing emails rose 26% from October to the end of January. That roughly coincides with the time Pfizer and Moderna announced vaccine availability, and represents a 12% uptick from up from the one-month period of October to November. “We hope it’s the last phase of the lifecycle of this pandemic” for vaccine-related spearphishing attacks, said Fleming Shi, chief technology officer at Barracuda. ” These are just as potent as the ones earlier in the pandemic, probably even more so, because there’s an urgency for people. They’re racing for the openings.” Also Wednesday, Check Point Research said that vaccine-related domain registrations rose by 300% over the past eight months, with a large spike beginning in November and continuing through January. Of those Check Point […]

The post Scammers exploit COVID-19 vaccine confusion for fraud efforts appeared first on CyberScoop.

Continue reading Scammers exploit COVID-19 vaccine confusion for fraud efforts

Robocalls keep spamming Americans, in part because of their cyber tools

Posted on by

After a surprising lull at the onset of the COVID-19 pandemic, phone scammers are back, and showing signs of overlapping more and more with text messages and cyber elements. Scammers are combining phone calls with tricks to circumvent two-factor authentication, using information they obtain online to make more targeted calls and, in some cases, mimicking the attack methods of hackers, government and industry officials say. Phone scams that merge with other methods are growing more frequent and difficult to contend with, said Connecticut Attorney General William Tong. “I think it’s common and it’s dangerous, particularly the way that they’re able to cloak themselves or convince you that you need to respond to a particular call or email,” he said. Internet technology has helped fuel a record number of robocalls thanks to the advent of voice-over IP, a tool that made mass calling convenient and more affordable. Estimates vary, but most […]

The post Robocalls keep spamming Americans, in part because of their cyber tools appeared first on CyberScoop.

Continue reading Robocalls keep spamming Americans, in part because of their cyber tools