watchdog new page

 

Phishing Watchdog


 

PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout

 

An Updated Feed of All Significant Phishing Attacks

This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.
Please Sign Up To Get Instant Phishing Attack Alerts by Email

 

 

UK Banks Foiled by Travelex Ransomware Attack

8th January 2020 | Target: Travelex | Reported Here
 

The New Year’s Eve cyber-attack on currency exchange bureau Travelex is disrupting services for UK bank customers.

Travelex took all its systems offline as a precautionary measure after being hit by what it initially described as a “software virus” on December 31. On January 7, the company released a statement fingering the culprit as a type of ransomware known as Sodinokibi and also commonly referred to as REvil.


 

[above via Info -Security post] – Update 1

 

‘Serious cyber-attack’ on Austria’s foreign ministry

5th January 2020 | Target: Austrian Foreign Ministry | Reported Here
 

The Austrian Foreign Ministry sounded the alarm bells of an ongoing “serious cyber-attack” that started in the late hours of Saturday January 4, 2019. Considering the signatures and the pattern of the attack, experts suggest this cyber-attack could possibly be carried out by a state sponsored threat actor. The attack, which began on Saturday night, was continuing and, “as per experts it could last several days,” a foreign ministry spokesman added.


 

[above via Ciso-Mag post] – Update 1

 

Canadian Territory Nunavut Suffers Ransomware Attack

4th November 2019 | Target : Nunavut | Reported Here
 
The Government of Nunavut is the latest victim of a sophisticated ransomware attack. In an official statement, the Premier of Nunavut, Joe Savikataaq, stated he noticed a new and advanced type of ransomware that affected their network systems across the territory on November 2, 2019.
The attack encrypted individual files on various servers and workstations impacting all government online services. “All government services requiring access to electronic information stored on the Government of Nunavut (GN) network are impacted, except Qulliq Energy Corporation,” said Savikataaq.


 

 [above via Cisomag post] – Update 1

 

Marriott announces exposure of associate’s Social Security numbers

1st November 2019 | Target : Marriott Reported Here

Marriott has once again suffered a cyber attack. This time, Marriott warns some of its associates about a security breach affecting their Social Security Numbers. What makes this incident tricky is that Marriott is facing trouble contacting some of the victims.

Marriott Security Breach Affects Associates Marriott International Inc.

has recently warned of a security breach affecting some associates. Precisely, the incident exposed the Social Security Numbers of the associates to an unknown attacker. As revealed via a security notice, the incident primarily hit a third party vendor who once collaborated with Marriott.

 

[above via Latesthackingnews post] – Update 1

 

North Korean Malware Found at Indian Nuke Plant

31st October 2019 | Target: Nuclear Power Station Reported Here

The network of one of India’s nuclear power plants was infected with malware created by North Korea’s state-sponsored hackers, the Nuclear Power Corporation of India Ltd (NPCIL) confirmed today.

News that the Kudankulam Nuclear Power Plant (KNPP) might have been infected with a dangerous strain of malware first surfaced on Twitter on Monday.

Pukhraj Singh, a former security analyst for India’s National Technical Research Organization (NTRO), pointed out that a recent VirusTotal upload was actually linked to a malware infection at the KNPP.

The particular malware sample included hardcoded credentials for KNPP’s internal network, suggesting the malware was specifically compiled to spread and operate inside the power plant’s IT network.

 

[above via Zdnet post] – Update 1 / Update 2

 

UN, NGOs targeted by ongoing phishing attack

25th October 2019 | Target: UN, NGOs Reported Here

Security researchers are warning of an ongoing mobile-aware phishing campaign targeting the United Nations and various NGOs for Okta, Office 365 and Outlook account credentials.

The two domains hosting the phishing content have been live since March 2019, with most of the the SSL certificates used valid in two main date ranges: May 5-August 3, 2019, and June 5-September 3, 2019, according to Lookout.

Interestingly, Javascript on the phishing pages can detect if the user is on a mobile device, and deliver relevant content to them. Lookout warned that mobile browsers typically truncate URLs, which can help phishing attempts by making it harder for users to spot any deception.

 

 [above via Cisomag post] – Update 1

 

Stripe Users Targeted in Phishing Attack That Steals Banking Info

17th October 2019 | Target: Bank Data. Reported Here

A new phishing campaign that targets Stripe users to steal banking information has been uncovered.

Attackers are evading detection by blocking users from viewing the destination of embedded links.

Stripe is an online platform that enables businesses to deal with payments. It handles billions of dollars annually and has a rich client base of reputed brands. This makes Stripe an attractive target for hackers.

 

[above via It – news post] – Update 1 / Update 2

 

Malware takes down some Pitney Bowes systems

14th October 2019 | Target: Pitney Bowes. Reported Here

Global shipping and postage giant Pitney Bowes has had its operations disrupted by ransomware, with customers being unable to access some of its services.

Pitney Bowes acknowledged the attack early this morning Australian time.

SendPro customers currently can’t refill postage or upload transactions on their mailing machines, Pitney Bowes advised.

It is also not possible to access SendPro Online in the UK and Canada, or the ‘Your Account’ page for customers and the Pitney Bowes Supplies webstore.

Mail360 Scans and MIPro Licensing are also down, the company said, with the Software and Data Marketplace being unavailable.

 

[above via cyware post] – Update 1 / Update 2

 

Cyber-Attacks Hit Defense Contractors in Europe and North America

27th September 2019 | Target: Rheinmetall AG. Reported Here

Rheinmetall AG and Defence Construction Canada (DCC), both major defense contractors, were each at the receiving end of disruptive cyberattacks this month. Rheinmetall AG has been hit with what the firm referred to as “malware attacks” since September 24. As a result, the “normal production processes ” at company’s plants in Brazil, Mexico and the US have been significantly disrupted. The company says that it may take between two to four weeks to resolve all issues resulting from the attacks.

Separately, DCC suffered a “cyber incident” on September 11 that disrupted various IT systems. The company has launched in investigation into the attack and is currently still working to fully recover all impacted systems.

 

[above via Oodaloop post] – Update

 

Ransomware Attack Disrupts Wyoming Health Services

23rd September 2019 | Target: Campbell County Health.Reported Here

Campbell County Health (CCH) in Wyoming on Sept. 20 was hit with a ransomware attack that has severely disrupted the facility’s computer network, requiring a return to paper record keeping and the transfer of some patients to non-affected hospitals.

In a Sept. 23 press conference posted on Facebook, CCH officials said the attack’s impact has been widespread, but at this time it is not believed any patient information was compromised. Very few details concerning the attack is known at this time, but an investigation is ongoing and includes a third-party cybersecurity firm along with local, state and federal law enforcement.

A hospital spokeswoman told SC Media that she could not comment on the ransom demand amount, whether or not paying it is being considered, or if the hospital will use backed-up files to recover from the attack.

 

[above via Sc-magazine post] – Update 1 / Update 2

 

North Korean Malware Attacks ATMs and Banks

23rd September 2019 | Target: ATM | Reported Here

The infamous Lazarus Group is behind new malware discovered targeting ATMs and back-office systems in Indian banks and research centers, according to Kaspersky.

The Russian AV vendor claimed in a new report that it discovered the ATMDtrack malware back in late summer 2018. It is designed to sit on targeted ATMs and effectively skim the details of cards as they are inserted into the machine.

However, digging a little deeper, the researchers found another 180+ new malware samples similar to ATMDtrack but which were not designed to target ATMs.

 
 
[above via Info-Security post] – Update 1 / Update 2
 

Hackers Steal $4.2m from State Troopers’ Pension Fund

6th September 2019 | Target: Oklahoma | Reported Here

Cyber-thieves targeting a pension fund for law enforcement officers employed by the state of Oklahoma have made off with $4.2 million.

The money was stolen from a fund of more than $1 billion set aside to pay pensions and benefits to around 1,500 retired highway troopers, park rangers, state agents, and other law enforcement officers.

 

[above via Info-Security post] – Update 1 / Update 2

 

Get Free Access to Phishing Protection Best Practices

  • Learn why hosted solutions like Office 365 are vulnerable to phishing.
  • Discover why you must protect both your employees AND your customers.
  • Read why checking reputation databases once a day is a waste of time.
  • Learn what real-time website scanning should look for.
  • Get strategies for saving time and money on email protection.

Sign Up Below... and Get Instant Access to the Report