Reading Time: ~ 2 min.

Bank of America Breach Reveals PPP Information

After processing over 300,000 Paycheck Protection Program
applications, Bank
of America
has revealed that a data breach occurred within the U.S. Small
Business Administration’s program that allowed all other SBA-authorized lenders
to view highly sensitive data. The data includes tax information and social
security numbers relating to both businesses and their owners and could have
extremely devastating effects in the wrong hands. Fortunately, the SBA secured
the compromised data within a day of being notified and Bank of America has
reached out to affected customers offering of two years of identity theft
protection. null

Bank of Costa Rica Suffers Data Breach

Threat actors working for the Maze group recently claimed to
have belonging to millions of Bank
of Costa Rica
customer accounts, a claim that was quickly refuted by the
bank itself. Within a week, Maze began publishing proof of their bounty and
promised to continue posting records if the bank fails to improve their current
security. Maze also claimed to have accessed the bank’s systems on multiple
occasions to determine if security had improved but chose not to encrypt their
systems as the second breach occurred during the COVID-19 pandemic.

Old LiveJournal Breach Data Re-emerges

Researchers have been looking into a recent data dump that
appears to have originated from the 2014 LiveJournal
breach and contains over 33 million records up to 2017. It is hard to precisely
date the breach, as LiveJournal is a Russian-owned journaling service and never
reported it, though many LiveJournal users were targeted in a past spam
extortion email campaign. More recently, users of Dreamwidth, which shares the
LiveJournal codebase, has seen reports of compromised accounts.

Turla Hackers Grabbing Antivirus Logs to Check for Detection

One of the largest state-sponsored hacker groups, Turla,
has turned their attention to accessing antivirus logs on infected systems to
determine if their malicious activity has been discovered. With the use of
ComRAT V1 (and later versions), Turla has been gaining highly sensitive
information from major national organizations for over a decade and continues
to improve on their methods. By viewing the logs created by local antivirus
software, the attackers can adjust more quickly to avoid future detections.

New COVID-19 Tracker Drops [F]Unicorn Ransomware

The latest to capitalize on the public’s pandemic fears, a
new fake COVID-19 tracing app has been targeting systems in Italy by dropping a
new ransomware variant dubbed [F]Unicorn.
The malicious payload comes disguised as a file from the Italian Pharmacist
Federation. It then directs the victim to a beta version of the
yet-to-be-released Immuni tracing app, showing a fake tracing dashboard as the
encryption process begins. The ransomware demands a 300-Euro payment but displays
an invalid email address, so users would be unable to prove payment to the
attackers even if they choose to pay.

The post Cyber News Rundown: Bank of America Breach Reveals PPP Info appeared first on Webroot Blog.