Browsed by
Author: Greg Swiecicki

Dharma Ransomware Attacks Italy in New Spam Campaign

Dharma Ransomware Attacks Italy in New Spam Campaign

The new spam campaign was targeted at Windows users in Italy. Hackers distribute Dharma Ransomware. After encrypting the data, it is impossible to restore them, the best solution is to have backups. The article gives information about paying the ransom, I personally do not agree to pay the ransom, which like a domino drags and exposes other companies to attacks.

https://www.bleepingcomputer.com/news/security/dharma-ransomware-attacks-italy-in-new-spam-campaign/

Seven Organizations Including Singtel Fined For Violation of Data Protection Laws

Seven Organizations Including Singtel Fined For Violation of Data Protection Laws

The penalties for a personal data breach (PDPC) are huge; since 2016, this sum is (~ USD 1.5 million). Personal data is the priority of every company with which we sign a contract; we must feel safe. Many corporations do not feel the need to protect our information; hence we have leaks from applications with personal data, hacker access to systems with the ability to view profiles, ransomware attack, or lack of protection of personal data. The companies that incurred costs are significant telecommunications companies.

https://cyware.com/news/seven-organizations-including-singtel-fined-for-violation-of-data-protection-laws-481c45bb

Data breach leads to unauthorized access to information for 7,500 patients, Iowa health care company says

Data breach leads to unauthorized access to information for 7,500 patients, Iowa health care company says

A considerable number of patients from the South-Central Medical System in Iowa have informed that the breach may have resulted in unauthorized access to the health information on December 19, 2019. Investigators are still monitoring and reviewing infected accounts. In connection with the email violation, access was made to patient names, dates of birth, addresses, insurance, and clinical information (such as the reason for the visit). All MCHC employees have reset their email account passwords and underwent cybersecurity training.

https://eu.desmoinesregister.com/story/news/2020/02/17/monroe-iowa-county-hospital-patients-data-breach-victims/4790481002/

PhotoSquared App Exposes 100,000+ Customer Photos

PhotoSquared App Exposes 100,000+ Customer Photos

Cyber ​​Security Researchers Noam Rotem and Ran Locar of vpnMentor have discovered a severe violation when using the US PhotoSquared photo printing application. Abuse in using the application has revealed that not only the photos were personalized but also orders, delivery address, invoice amount, and more.

https://www.cisomag.com/photosquared-app-exposes-100000-customer-photos/

Bug in WordPress plugin can let hackers wipe up to 200,000 sites

Bug in WordPress plugin can let hackers wipe up to 200,000 sites

Update the plugin if you are the owner of a WordPress site that uses commercial themes through ThemeGrill. The WebARX report, which deals with Word Press security, states that older versions are vulnerable to attacks by unauthorized persons.

https://www.zdnet.com/article/bug-in-wordpress-plugin-can-let-hackers-wipe-up-to-200000-sites/

Targeted Phishing Attack Aims For Well-Known Corporate Brands

Targeted Phishing Attack Aims For Well-Known Corporate Brands

MalwareHunterTeam has discovered a new phishing campaign that has been attacked by thirteen companies via email, specially fabricated and claiming to be the company’s producers or customers.

A full table of affected companies click below.

https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Statistics 2020

Statistics 2020

Unfortunately, most people still think that in order to protect themselves against cyber attacks, it is enough to choose the right password and for them government institutions and large corporations may feel more at risk. During so many attacks, ignorance is a huge problem and creates one of the biggest dangers for small businesses – by their dismissive attitude to the seriousness of the situation.

https://topvpn.review/cybersecurity-statics

Fileless attacks

Fileless attacks

Cybercriminals’ attack methods are becoming more and more innovative. Currently, a sharp increase in fileless attacks has noticed, which are expertly installed in the victim machine of malicious code, and do not require saving any files to disk first. Malwarebytes data show that the primary tool for criminals infecting computer malware is still the kits exploit. These sets are able to easily use specific, most commonly known errors in software development. However, this method has recently lost its effectiveness – because detection of a file saved on the disk is relatively simple, it is usually a matter of time to identify it and block it by security applications. Fileless attacks are a more complicated process to acquire and provide analysis of a sample of malware. Malwarebytes experts warn that fighting new threats is more complicated. Fileless attacks are not used on a large scale; hackers still rely on traditional methods of providing malicious content. Unfortunately, the growing range of using these tools is worrying, because it was even sporadic a year ago.