US Coast Guard Facility Hit with Ransomware
During the last week of December, a US Coast Guard facility was the target of a Ryuk ransomware attack that shut down operations for over 30 hours. Though the Coast Guard has implemented multiple cybersecurity regulations in just the last six months or so, this attack broke through the weakest link in the security chain: human users. Ryuk typically spreads through an email phishing campaign that relies on the target clicking on a malicious link before spreading through a network.
Crypto-trading Platform Forces Password Reset After Possible Leak
Officials for Poloniex, a cryptocurrency trading platform, began pushing out forced password resets after a list of email addresses and passwords purporting to be from Poloniex accounts was discovered on Twitter. While the company was able to verify that many of the addresses found on the list weren’t linked to their site at all, they still opted to issue password resets for all clients. It’s still unclear where the initial list actually originated, but it was likely generated from a previous data leak and was being used on a new set of websites.
850 Wawa Stores Affected by Card-skimming
Nearly every one of Wawa’s 850 stores in the U.S. was found to be infected with payment card-skimming malware for roughly eight months before the company discovered it. It appears Wawa only found out about the problem after Visa issued a warning about card fraud at gas pumps using less-secure magnetic strips. Wawa has since begun offering credit monitoring to anyone affected. In a statement, they mention skimming occurring from in-store transactions as well, so card chips would only be effective if the malware had been at the device level, rather than the transaction point.
Microsoft Takes Domains from North Korean Hackers
Microsoft recently retook control of 50 domains that were being used by North Korean hackers to launch cyberattacks. Following a successful lawsuit, Microsoft was able to use its extensive tracking data to shut down phishing sites that mainly targeted the U.S., Japan, and South Korea. The tech company is well-known for this tactic, having taken down 84 domains belonging to the Russian hacking group Fancy Bear and seized almost 100 domains linked to Iranian spies.
Landry’s Suffers Payment Card Breach
One of the largest restaurant chain and property owners, Landry’s, recently disclosed that many of their locations were potentially affected by a payment card leak through their point-of-sale systems. The company discovered that from January through October of 2019, any number of their 600 locations had been exposed to card-skimming malware when cards were not processed through a main payment terminal that supported end-to-end encryption.
The post Cyber News Rundown: US Coast Guard Hit with Ransomware appeared first on Webroot Blog.