Reading Time: ~ 2 min.

Second Florida City Pays Ransom

Following the news that Riviera Beach, FL would pay the
ransom demanded by cyberattackers, the mayor of Lake
City, FL
has announced that the city will be paying the demanded ransom of
$460,000 to restore access to their email and internal system servers. While law
enforcement agencies strongly recommend against paying the ransom and suggest
that victims instead attempt to recover encrypted files through backups or
other offline methods, many companies who fall prey to ransomware attacks do
not keep complete backups of their systems, so they may have no choice but to

Group Arrested in Domain Spoofing Scam

Several individuals were recently arrested for creating a spoof
for, a site that allows users to access their
cryptocurrency wallets. The individuals in question successfully stole over $27
million’ worth of various currencies from roughly 4,000 victims by using their
spoofed site to steal wallet credentials. The group was captured in two
separate countries after more than a year of investigation.

Database for Insurance Marketing Site Exposed

A database belonging to, an insurance
marketing site
, was found to be publicly accessible, exposing the records
of over 5 million customers. While it is unclear how long the database had been
improperly secured, the researcher who discovered it in mid-May promptly
reported it to the database owner. Amongst data exposed were nearly a quarter
million records that indicated specific insurance categories.

Report Reveals Countries Most Targeted by Ransomware

A new report has run the numbers to uncover the top five
countries most
targeted by ransomware
. So far in 2019, the list includes the USA, Brazil,
India, Vietnam, and Turkey. During the first quarter of this year alone, the USA
took 11% of the attacks, with Brazil coming in right behind with 10% of the
total number of attacks. Even more concerning: the average ransom demand has
nearly doubled since this time last year, jumping from around $6,700 to ca. $12,700.

IoT Malware Bricks Devices

Researchers have just found a new type of malware, dubbed
Silex, that focuses on IoT
running with default credentials. The malware then bricks—i.e.,
breaks in an irreparable or unrecoverable fashion—the entire device. The Silex authors
claim to have distributed it with the specific intention of rendering devices
unusable to prevent lower level scripters from adding the devices to their
botnets. Fortunately, the authors did shut down the malware’s command servers,
though the already-distributed samples will continue their operations until
they have been removed by security.

The post Cyber News Rundown: Second Florida Ransomware Attack appeared first on Webroot Blog.