Phishing Watchdog – Stay Safe with Instant Alerts


Over Half of Canadians Victims of Cybercrime

16th July 2020 | Target: Canadians | Reported Here

More than half of Canadians have fallen victim to a cybercrime, according to a new report by the Cybersecure Policy Exchange (CPX) at Ryerson University in Toronto.

In the report Advancing a Cybersecure Canada: Introducing the Cybersecure Policy Exchange, the CPX revealed that 57% of Canadians say that they have been a victim of a cybercrime.


[above via Terabitweb post]


Bitcoin Thieves Hit Cashaa

13th July 2020 | Target: Cashaa | Reported Here

Cybercriminals have compromised a British cryptocurrency exchange, with more than $ 3 million in Bitcoin.

Cashaa halted all crypto-related transactions after cybercriminals stole more than 336 Bitcoin from their exchange. The company said users at first glance were unaffected by the theft.


[above via Oltnews post]


Zoom Zero-Day Bug Hits Legacy Windows Users

10th July 2020 | Target: Zoom | Reported Here

Zoom is scrambling to fix another zero-day vulnerability in its Windows client, this time potentially leading to arbitrary remote code execution.

Acros Security CEO, Mitja Kolsek, revealed the news in a blog post, claiming that the researcher who found the bug didn’t disclose to the vendor or a third-party broker, “but would not object to us reporting it to Zoom.”

“We analyzed the issue and determined it to be only exploitable on Windows 7 and older Windows systems. While Microsoft’s official support for Windows 7 has ended this January, there are still millions of home and corporate users out there prolonging its life with Microsoft’s Extended Security Updates or with 0patch,” he explained.


[above via Cybercureme post]


UCSF Pays $1.14m Ransomware Fee

29th June 2020 | Target: UCSF | Reported Here

The University Of California San Francisco finally confirmed that it had forked over $1.14m to ransomware thieves last week, less than a month after discovering that critical academic data related to its COVID-19 research had been encrypted.


[above via Infosecurity post] Update 1


Police Seize Alleged Bitcoin Raider’s $90m in Assets

22nd June 2020 | Target: Bitcoin Exchange Services | Reported Here

Police in New Zealand have seized $90m worth of assets belonging to a man wanted for cybercrimes in France and the United States.

Alexander Vinnik allegedly masterminded a Bitcoin laundering ring that handled billions of dollars via a digital currency exchange. He is also wanted for some minor crimes in his native Russia.


[above via Infosecurity post]


Sharp Rise in Web Attacks on Gamers

17th June 2020 | Target: Gamers | Reported Here

Cyber-criminals stepped up their efforts to victimize gamers while millions of people stayed at home this spring to slow the spread of COVID-19.

New research published today by Kaspersky found that in April, the daily number of blocked attempts to direct users to malicious gaming-themed sites increased by 54%, compared to January 2020.


[above via Nxtalpha post]


Cyber-Attack Hits US Nuclear Missile Sub-Contractor

3rd June 2020 | Target: US Nuclear Missile Sub-Contractor | Reported Here

A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information.


[above via Threat Post post]


REvil Ransomware Group Auctions Stolen Data

2nd June 2020 | Target: Various Companies | Reported Here

A prolific ransomware group has begun auctioning data stolen from victim organizations that refuse to pay up, marking an escalation in its monetization efforts.

The gang behind the REvil (aka Sodinokibi) variant this week took to its dark web blog to announce the first auction, related to a Canadian agricultural company it compromised which has declined to pay a ransom.


[above via Infosecurity post]


Minneapolis City and Police Websites Attacked

1st June 2020 | Target: Police Websites | Reported Here

The Minneapolis Police Department’s website has shown signs of a cyber-attack since late Saturday, days after a video purported to be from the hacktivist group Anonymous promised retribution for the death of George Floyd during an arrest.

Websites for the police department and the city of Minneapolis were temporarily inaccessible on Saturday as protesters in cities around the U.S. marched against police violence aimed at black Americans.


[above via Cybercureme post]


Norway’s Wealth Fund Loses $10m in Data Breach

15th May 2020 | Target: Norway’s Wealth Fund | Reported Here

Norway’s state-owned investment fund Norfund has halted all payments after losing $10m in an “advanced data breach.”

Norfund is a private equity company established by the Norwegian Storting in 1997 and owned by the Norwegian Ministry of Foreign Affairs. The fund receives its investment capital from the state budget and is the largest sovereign wealth fund in the world.

On May 13, Norfund announced that it was “cooperating closely with the police and other relevant authorities” after “a series of events” allowed fraudsters to make off with $10m.

The fund said that a data breach allowed defrauders to access information concerning a loan of US$10m from Norfund to a microfinance institution in Cambodia.


[above via Cybercureme post] Update 1