Phishing Watchdog – Stay Safe with Instant Alerts

Canadian Territory Nunavut Suffers Ransomware Attack

4th November 2019 | Target : Nunavut | Reported Here
The Government of Nunavut is the latest victim of a sophisticated ransomware attack. In an official statement, the Premier of Nunavut, Joe Savikataaq, stated he noticed a new and advanced type of ransomware that affected their network systems across the territory on November 2, 2019.
The attack encrypted individual files on various servers and workstations impacting all government online services. “All government services requiring access to electronic information stored on the Government of Nunavut (GN) network are impacted, except Qulliq Energy Corporation,” said Savikataaq.


 [above via Cisomag post] – Update 1


Marriott announces exposure of associate’s Social Security numbers

1st November 2019 | Target : Marriott Reported Here

Marriott has once again suffered a cyber attack. This time, Marriott warns some of its associates about a security breach affecting their Social Security Numbers. What makes this incident tricky is that Marriott is facing trouble contacting some of the victims.

Marriott Security Breach Affects Associates Marriott International Inc.

has recently warned of a security breach affecting some associates. Precisely, the incident exposed the Social Security Numbers of the associates to an unknown attacker. As revealed via a security notice, the incident primarily hit a third party vendor who once collaborated with Marriott.


[above via Latesthackingnews post] – Update 1


North Korean Malware Found at Indian Nuke Plant

31st October 2019 | Target: Nuclear Power Station Reported Here

The network of one of India’s nuclear power plants was infected with malware created by North Korea’s state-sponsored hackers, the Nuclear Power Corporation of India Ltd (NPCIL) confirmed today.

News that the Kudankulam Nuclear Power Plant (KNPP) might have been infected with a dangerous strain of malware first surfaced on Twitter on Monday.

Pukhraj Singh, a former security analyst for India’s National Technical Research Organization (NTRO), pointed out that a recent VirusTotal upload was actually linked to a malware infection at the KNPP.

The particular malware sample included hardcoded credentials for KNPP’s internal network, suggesting the malware was specifically compiled to spread and operate inside the power plant’s IT network.


[above via Zdnet post] – Update 1 / Update 2


Ocala police: Scammers swiped nearly $750,000 from city

28th October 2019 | Target: Ocala city  Reported Here

Police say scammers posing as a local construction company doing business with a north Florida city got an employee to change information that sent $742,376 to a fraudulent bank account.

The Ocala Star-Banner reports a senior accounting specialist for the city of Ocala received an email in September that was believed to be from Ausley Construction. It included a form requesting the city to change Ausley’s banking information.


 [above via Nbcmiami post] – Update 1


UN, NGOs targeted by ongoing phishing attack

25th October 2019 | Target: UN, NGOs Reported Here

Security researchers are warning of an ongoing mobile-aware phishing campaign targeting the United Nations and various NGOs for Okta, Office 365 and Outlook account credentials.

The two domains hosting the phishing content have been live since March 2019, with most of the the SSL certificates used valid in two main date ranges: May 5-August 3, 2019, and June 5-September 3, 2019, according to Lookout.

Interestingly, Javascript on the phishing pages can detect if the user is on a mobile device, and deliver relevant content to them. Lookout warned that mobile browsers typically truncate URLs, which can help phishing attempts by making it harder for users to spot any deception.


 [above via Cisomag post] – Update 1


Stripe Users Targeted in Phishing Attack That Steals Banking Info

17th October 2019 | Target: Bank Data. Reported Here

A new phishing campaign that targets Stripe users to steal banking information has been uncovered.

Attackers are evading detection by blocking users from viewing the destination of embedded links.

Stripe is an online platform that enables businesses to deal with payments. It handles billions of dollars annually and has a rich client base of reputed brands. This makes Stripe an attractive target for hackers.


[above via It – news post] – Update 1 / Update 2


Malware takes down some Pitney Bowes systems

14th October 2019 | Target: Pitney Bowes. Reported Here

Global shipping and postage giant Pitney Bowes has had its operations disrupted by ransomware, with customers being unable to access some of its services.

Pitney Bowes acknowledged the attack early this morning Australian time.

SendPro customers currently can’t refill postage or upload transactions on their mailing machines, Pitney Bowes advised.

It is also not possible to access SendPro Online in the UK and Canada, or the ‘Your Account’ page for customers and the Pitney Bowes Supplies webstore.

Mail360 Scans and MIPro Licensing are also down, the company said, with the Software and Data Marketplace being unavailable.


[above via cyware post] – Update 1 / Update 2


Cyber-Attacks Hit Defense Contractors in Europe and North America

27th September 2019 | Target: Rheinmetall AG. Reported Here

Rheinmetall AG and Defence Construction Canada (DCC), both major defense contractors, were each at the receiving end of disruptive cyberattacks this month. Rheinmetall AG has been hit with what the firm referred to as “malware attacks” since September 24. As a result, the “normal production processes ” at company’s plants in Brazil, Mexico and the US have been significantly disrupted. The company says that it may take between two to four weeks to resolve all issues resulting from the attacks.

Separately, DCC suffered a “cyber incident” on September 11 that disrupted various IT systems. The company has launched in investigation into the attack and is currently still working to fully recover all impacted systems.


[above via Oodaloop post] – Update


Ransomware Attack Disrupts Wyoming Health Services

23rd September 2019 | Target: Campbell County Health.Reported Here

Campbell County Health (CCH) in Wyoming on Sept. 20 was hit with a ransomware attack that has severely disrupted the facility’s computer network, requiring a return to paper record keeping and the transfer of some patients to non-affected hospitals.

In a Sept. 23 press conference posted on Facebook, CCH officials said the attack’s impact has been widespread, but at this time it is not believed any patient information was compromised. Very few details concerning the attack is known at this time, but an investigation is ongoing and includes a third-party cybersecurity firm along with local, state and federal law enforcement.

A hospital spokeswoman told SC Media that she could not comment on the ransom demand amount, whether or not paying it is being considered, or if the hospital will use backed-up files to recover from the attack.


[above via Sc-magazine post] – Update 1 / Update 2


North Korean Malware Attacks ATMs and Banks

23rd September 2019 | Target: ATM | Reported Here

The infamous Lazarus Group is behind new malware discovered targeting ATMs and back-office systems in Indian banks and research centers, according to Kaspersky.

The Russian AV vendor claimed in a new report that it discovered the ATMDtrack malware back in late summer 2018. It is designed to sit on targeted ATMs and effectively skim the details of cards as they are inserted into the machine.

However, digging a little deeper, the researchers found another 180+ new malware samples similar to ATMDtrack but which were not designed to target ATMs.

[above via Info-Security post] – Update 1 / Update 2

Hackers Steal $4.2m from State Troopers’ Pension Fund

6th September 2019 | Target: Oklahoma | Reported Here

Cyber-thieves targeting a pension fund for law enforcement officers employed by the state of Oklahoma have made off with $4.2 million.

The money was stolen from a fund of more than $1 billion set aside to pay pensions and benefits to around 1,500 retired highway troopers, park rangers, state agents, and other law enforcement officers.



[above via Info-Security post] – Update 1 / Update 2