Security News

The banking and investing platform MoneyLion had to lock customer accounts that were breached in credential stuffing attacks over the summer, in June and July. In credential stuffing attacks, threat actors use large collections of username/password combinations leaked following security breaches of various online services to log into the victims' user accounts on other online platforms.

Chinese-speaking cyberspies have targeted Southeast Asian governmental entities and telecommunication companies for more than a year, backdooring systems running the latest Windows 10 versions with a newly discovered rootkit. The hacking group, dubbed GhostEmperor by Kaspersky researchers who spotted it, use the Demodex rootkit, which acts as a backdoor to maintain persistence on compromised servers.

Security specialist ESET's latest Threat Report warns of a massive increase in attacks on Remote Desktop Protocol endpoints - and new activity from the Nobelium gang against European government organisations. ESET's figures show attacks on RDP servers having gone up 103.9 per cent since its T1 report in June - it publishes three a year - representing a total of 55 billion detected brute-force attacks, thanks in no small part to a campaign focused on Spanish targets.

Private sector remaining skeptical about govt's ability to mitigate cyber threats. Despite recent interventions into cybersecurity issues, executives lack faith in the government's ability to protect them from cyber threats, with 60% of organizations believing that spending on new security tools and services is the most effective way of stopping attacks.

A second major reason is that ransomware attacks tend to attack two areas of the infrastructure that have traditionally been ignored - namely applications and data stored in files. Finding a next-generation data protection solution that utilizes a network approach, but at the data level, companies can protect what is typically most vulnerable.

Ponemon Institute surveyed 597 IT and IT security professionals to understand how COVID-19 has impacted how healthcare delivery organizations protect patient care and patient information from increasing virulent cyberattacks, especially ransomware. For the first time, this research shows that ransomware attacks on healthcare organizations may have life-or-death consequences.

A new phishing campaign spotted by Armorblox tried to steal user credentials by spoofing a message notification from a company that provides email encryption. A successful phishing email that obtains the right username and password can gain access to an entire network.

Another health care provider has apparently been the victim of a ransomware attack that exposed private patient information and other sensitive data. A ransomware group known as Vice Society has claimed responsibility for an August attack against United Health Centers that allegedly impacted all of its locations.

Giant Group, the umbrella company that has thousands of contractors on its books, has been targeted by a "Sophisticated" cyber-attack that floored systems and left workers out in the cold, the biz has now confirmed. The attack happened last Wednesday and forced the outfit - known to many as Giant Pay - to shut down its whole network, including its phone and email systems, as well as its IT infrastructure.

Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days. As Bandwidth is one of the leading telephony providers for US voice over IP companies, many other VoIP vendors reported outages over the past few days, including Twilio, Accent, DialPad, Phone.com, and RingCentral.