Security News > 2021 > March

Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. The ransomware gang then contacted the organizations and demanded $10 million in bitcoin or they would publish the stolen data.

A former IT contractor has been sentenced to two years in prison after hacking into a company's server and deleting the majority of its employees' Microsoft Office 365 accounts. On Aug. 8, 2018, Kher then hacked into the company's server and deleted over 1,200 of its 1,500 O365 user accounts.

MangaDex, the online repository of manga animation comics, will be closed until further notice following a hacking incident. The attacker's likely motivation was to cause "Maximum disruption" to the site, according to MangaDex.

"The Hobby Lobby incident is the latest example of why we need to take public cloud threat vectors so seriously," said Douglas Murray, CEO at Valtix, told Threatpost. "In 2020, spend in public cloud exceeded spend in on-prem data centers for the first time. The hackers are doing their own version of 'lift and shift' and are aggressively moving to where the market is going. Just as concerning is that for every Hobby Lobby like leak that we learn about, there is another that goes undetected."

The 8 top trends cited will enable rapid reinvention, including the skills gap, cybersecurity mesh and identity-first security. At Tuesday's Gartner Security & Risk Management Summit, Gartner Research Vice President Peter Firstbrook discussed eight critical trends for security and risk-management leaders in his keynote address.

Mozilla today announced the release of Firefox 87 in the stable channel fitted with a new intelligent tracker blocking mechanism. Called SmartBlock, the feature works in Firefox Private Browsing and Strict Mode and is meant to improve users' browsing experience through fixing pages that Mozilla's tracking protections break.

The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts. "SCO has notified the employee's contacts who may have received a potentially malicious email from the unauthorized user. SCO team members have identified all personal information included in the compromised email account and begun the process of notifying affected parties. The Controller is going over and beyond the notification requirements in law by providing both actual mailed notification and substitute notification in an effort to ensure the broadest possible notification."

Even back in the early days, WebView was problematic because, with a JavaScript bridge enabled, a webpage viewed in WebView could execute code as the WebView application itself. There's the app itself, there are the Android subsystems, there are the apps that depend on WebView, there are the developers who might make use of JavaScript, which then depends on a third-party server that may or may not use SSL properly.

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Digital identity network play ID.me, Inc. has joined the growing list of cybersecurity unicorns after banking a new $100 million funding round that values the company at $1.5 billion. ID.me, based in McLean, Va., said it will use the new money to build out its secure digital identity network by hiring top talent and expanding the number of businesses and government agencies it serves.