Security News > 2020

The City of North Miami Beach last week announced that ransomware was found on computers within its police department's network. The attack was discovered on Tuesday and the FBI, the Secret Service, and the Miami-Dade Police Department were immediately alerted.

The United States government has officially charged four members of China's People's Liberation Army with hacking into credit reporting agency Equifax and being responsible for the massive data breach that exposed highly sensitive information on more than 145 million Americans. "Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet's cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information."

A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device. If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them - a tactic that can rapidly escalate Emotet's spread, said researchers.

The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans. In September 2017, credit reporting agency Equifax disclosed it had become a victim of a massive cyberattack that left highly sensitive data of nearly half of the U.S. population in the hands of hackers.

Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed driver to deliver a malicious, unsigned one that allows them to kill processes and files belonging to Windows endpoint security products. The vulnerable driver they are misusing was created by Taiwan-based motherboard manufacturer Gigabyte, found to be vulnerable in 2018 and later deprecated, but the signing certificate was never revoked.

As the technology and tools to leverage stolen credentials advance, a more thoughtful approach to your organization's password policy is a highly effective way to reduce risk by better protecting your customers, network assets, and employees. Defenders can augment traditional password policy best practices with the ability to take action based on indicators observed within the cybercrime underground.

UM has been open and forthcoming on the details of the attack, providing detailed insight into a classic targeted ransomware attack. "The modus operandi of the group behind this specific attack," said Fox-IT in a forensic report commissioned by UM, "Comes over with a criminal group that already has a long history, and goes back to at least 2014. The group is often referred to publicly as 'TA505', as well as 'GraceRAT', named after one of the tools used by the group."

Over the course of 2019, Facebook paid security researchers a total of $2.2 million in rewards for vulnerability reports submitted to the social media platform's bug bounty program. For comparison, the social platform paid more than $1.1 million for over 700 valid reports submitted to its bug bounty program in 2018, and more than $880,000 for over 400 valid reports in 2017.

An election application used by Israel's Likud party has exposed the personal information of over 6 million voters. Likud, the party of Israeli Prime Minister Benjamin Netanyahu, has contracted a company named Feed-b to create an election management system called Elector, which has been advertised as highly secure.

Even more worryingly, only 2.6% of these 63% use a unique password when they create a new shadow IT account at work and just 13% use a password generator - the rest re-use a memorable password or use a pattern of similar passwords. As we wait for a more authentication secure solution to find its way into mainstream usage and achieve widespread acceptance, we have to find a way to minimize the risks that come with password use.