Zeppelin Ransomware Spreading
Over the last month, researchers have been monitoring the
spread of a new ransomware variant, Zeppelin.
This is the latest version of the ransomware-as-a-service that started life as
VegaLocker/Buran and has differentiated itself by focusing on healthcare and IT
organizations in both the U.S. and Europe. This variant is unique in that
extensions are not appended, but rather a file marker called Zeppelin can be
found when viewing encrypted files in a hex editor.
German ISP Faces Major GDPR Fine
The German internet
service provider (ISP) 1&1 was recently fined for failing to protect
the identity of customers who were reaching out to their call centers for
support. While the incident took place in 2018, GDPR is clear about imposing
fines for organizations that haven’t met security standards, even if retroactive
changes were made. 1&1 is attempting to appeal the fines and has begun
implementing a new authentication process for confirming customers’ identities
over the phone.
Turkish Credit Card Dump
Nearly half a million payment cards belonging to Turkish
residents were found in a data dump on a known illicit card-selling site.
The cards in question are both credit and debit cards and were issued by a variety
of banking institutions across Turkey. This likely means that a mediating
payment handler was the source of the leak, rather than a specific bank. Even
more worrisome, the card dump contained full details on the cardholders,
including expiration dates, CVVs, and names; everything a hacker would need to
make fraudulent purchases or commit identity theft.
Pensacola Ransomware Attack
The city of Pensacola,
Florida, was a recent victim of a ransomware attack that stole, then
encrypted, their entire network before demanding a $1 million ransom. In an
unusual message, the authors of the Maze ransomware used in the attack explicitly stated that
they had no connection to the recent shootings at the Pensacola Naval Base, nor
were they targeting emergency services with their cyberattack.
Birth Certificate Data Leak
An unnamed organization that provides birth
certificate services to U.S. citizens was contacted earlier this week in
regard to a data leak of nearly 750,000 birth certificate applications. Within
the applications was sensitive information for both the child applicant and
their family members, which is highly sought after by scammers because it is
relatively easy to open credit accounts for children with no prior credit
history. Researchers are still waiting to hear back from the organization after
finding this data dump in an unsecured Amazon Web Services bucket.