Collaborate Disseminate
Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10… Continue reading Zerologon: Tripwire Industrial Visibility Threat Definition Update Released
Victims of ransomware attacks could potentially receive civil penalties for making ransom payments to a growing list of threat actors. On October 1, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) revealed that it could ch… Continue reading Ransom Payments Could Result in Civil Penalties for Ransomware Victims
A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevg… Continue reading Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks
A federal jury convicted the owner of a bitcoin exchange for his role in a multi-million dollar scheme involving online auction fraud. On September 28, a federal jury in Frankfort, Kentucky found Bulgarian national Rossen Iossifov, 53, guilty of one co… Continue reading Bitcoin Exchange Owner Convicted for Role in Web Auction Fraud Scheme
Tyler Technologies, Inc., revealed it suffered a ransomware attack that disrupted access to some of its internal systems. On September 26, Tyler Technologies published a statement on its website in which it disclosed that it had detected a security inc… Continue reading Tyler Technologies Reveals Ransomware Affected Some Internal Systems
A computer programmer pleaded guilty to making false statements about his involvement with the Silk Road underground web marketplace. On Setpember 21, Michael R. Weigand (also known as “Shabang”) surrendered himself and told U.S. District Judge William… Continue reading Computer Programmer Pleads Guilty to Lying about Silk Road Involvement
A patient died after being redirected to another medical facility as the result of a German hospital having suffered a ransomware infection. On September 17, the Associated Press reported that a woman who needed urgent medical attention died after bein… Continue reading German Hospital Hit by Ransomware, Patient Dies After Being Redirected
The gang responsible for the Maze ransomware family conducted an attack in which they distributed their malware payload inside of a virtual machine (VM). Sophos’ Managed Threat Response (MTR) observed the technique in action while investigating an atta… Continue reading Maze Gang Distributed Ransomware Payload Inside VM
A new SMS-based phishing (“smishing”) campaign is using the United States Postal Service (USPS) as a disguise to target mobile users. On September 15, SlickRockWeb CEO Eric JN Eliason tweeted out two examples of the operation. Both attack SMS messages … Continue reading New Smishing Campaign Using USPS as Its Disguise
The Office of Management at the U.S. Department of Veterans Affairs (VA) disclosed a security incident involving the personal data of 46,000 veterans. The VA detailed the data breach in a statement published on its website on September 14. According to… Continue reading Security Incident at VA Exposed 46K Veterans’ Information