New Trojan malware steals millions of login credentials
TechRadar, Mayank Sharma
“In all, the unnamed malware managed to siphon away 1.2 terabytes of personal data including over a million unique email addresses, over two billion cookies, and more than six million other files.” Read More
Report shines light on REvil’s depressingly simple tactics: Phishing, credential-stuffing RDP servers… the usual
The Register, Gareth Halfacree
“The methods chosen by the group to gain access to the target systems are depressingly simple, Martineau’s report claimed, with the most common methods being as simple as sending a phishing message or attempting to log in to Remote Desktop Protocol (RDP) servers using previously-compromised credentials.” Read More
Phishing attack targets DocuSign and SharePoint users
SC Magazine, Steve Zurier
“…the researchers said most of the emails use COVID-19 as a way to dupe users into clicking on a bogus document. For example, the email will ask the user to review a ‘Covid 19 relief fund as approved by the board of directors.'” Read More
Dominion National reaches $2M settlement over nine-year data breach
SC Magazine, Jessica Davis
“The compromised information was highly sensitive and varied by individual, including Social Security numbers, bank account and routing numbers, member identification numbers, taxpayer identification, contact details, and other data.” Read More
Kaseya hack floods hundreds of companies with ransomware
TechCrunch, Zack Whittaker
“Make no mistake, the timing and target of this attack are no coincidence. It illustrates what we define as a Big Game Hunting attack, launched against a target to maximize impact and profit through a supply chain during a holiday weekend when business defenses are down.” Read More
