Phishing Watchdog – Stay Safe with Instant Alerts

Hacked forensic firm pays ransom after malware attack

5th July 2019 | Company: Eurofins Scientific Reported Here

Aleading forensic science firm, which is used by the UK police to help investigate major crimes, has paid a ransom to criminals after being targeted in a cyber attack, it is understood.

Eurofins Scientific, which is based in Belgium but has laboratories all over the world, was hit by a ransomware attack last month, which affected the firm’s IT systems.

The National Crime Agency has been investigating the source of the attack, but sources claimed the company had already paid a ransom to recover its network.


[above via Telegraph post] – Update 1 / Update 2


Thousands Left Vulnerable in Nexus Repository

2nd July 2019 | Company: Sonatype Reported Here

A recent breach in Nexus Repository left many companies and government agencies vulnerable, as thousands of private artifacts were left unprotected, according to a July 2 blog post from researchers Daniel Shapira and Ariel Zelivansky, with Twistlock Labs.

While this breach was swiftly rectified, Shapira and Zelivansky noted that this type of hack could have had catastrophic consequences and cannot be taken lightly.

A team of dedicated white hats identified these weaknesses within Nexus Repository. In a July 2 blog post, researchers wrote, “During my recent work I have discovered two security vulnerabilities in Nexus Repository that affect all users under default settings.


[above via Infosecurity post] – Update 1 /


Ford, TD Bank Files Found Online in Cloud Data Exposure

28th June 2019 | Target : Ford Reported Here

Attunity Ltd., a company that manages and safeguards data, left internal files exposed on the internet for clients including Ford Motor Co., and the Toronto-Dominion Bank, in the latest example of sensitive information being publicly accessible on the web.

The incident revealed passwords and network information about Attunity as well as emails and technology designs from some of its high-profile customers. Researchers at UpGuard Inc., a cybersecurity company, found more than a terabyte of data left unsecured by Attunity last month on Amazon Web Services cloud-computer servers, according to a report they published Thursday.


[above via BloomBerg post] – Update 1 / Update 2


Yandex hacked, and likely by Western intelligence agency

27th June 2019 | Internet company : Yandex Reported Here

Hackers working for Western intelligence agencies reportedly broke into Yandex, a Google competitor based in Russia, to search for technical information that shows how Yandex authenticates user accounts.

The hack occurred in 2018, according to Reuters, which sources the information from four people with knowledge of the event. The hackers used a malware called Regin, the same malware used for intelligence sharing

Regin is known to be used by the “Five Eyes,” an intelligence alliance made up of the United States, Britain, Australia, New Zealand and Canada. The countries are bound by an agreement to cooperate on intelligence.


[above via Mediapost post] – Update 1 / Update 2


Two Florida Cities Paid $1.1 Million to Ransomware Hackers

26th June 2019 | Target : Florida City Reported Here

For the second time in a week, a Florida city has paid out a digital ransom to hackers in an effort to regain control over their crippled municipal computer systems.

Lake City Mayor Stephen Witt said his small city located in northern Florida agreed to pay hackers a $460,000 ransom in an effort to regain control over their email and other servers, which were shutdown by the attack two weeks ago.

“I would’ve never dreamed this could’ve happened, especially in a small town like this,” Witt told Action News Jax.

The ‘Ransomware’ attack on the Lake City computer systems locked city workers out of their email accounts and make it impossible for residents to make any city payments online. Hackers managed to infect the city’s systems after a city employee clicked an email link that allowed the malware be introduced into their system. Lake City’s town’s insurer was contacted by the hackers who negotiated the ransom payment of 42 bitcoins (or around $460,000). Officials decided the ransom was the quickest way for city employees to regain access to their email accounts.


[above via Iheart post] – Update 1


Hackers Stole Data from NASA’s Robotics Lab

20th June 2019 | Target : NASA Reported Here

NASA’s Jet Propulsion Laboratory (JPL) systems were reportedly hacked by a Raspberry Pi that helped hackers crack into the weak security and steal data.

As Engadget reports, investigators looking into a security breach found that an unauthorised Raspberry Pi was linked to the JPL network that was targeted by hackers in April 2018, allowing them to steal 500MB of data and also go deeper into JPL’s network.


[above via Business Standard post] – Update 1 / Update 2


Florida city pays $600,000 to hackers who seized its computer system

19th June 2019 | Target : Florida City Reported Here

A city in Florida has decided to pay $600,000 to the hackers behind a ransomware attack that’s locked down the local government’s data.

On Monday, the city council of Riviera Beach voted unanimously to let the city’s insurer pay 65 bitcoins to the hackers. Why the council authorized the payment wasn’t discussed at the emergency hearing. But the city is hoping to recover municipal files the hackers encrypted during the ransomware attack.


[above via PC Mag post] – Update 1 / Update 2


New WSH RAT Malware Targets Bank Customers with Keyloggers

14th June 2019 | Target : Bank Reported Here

According to a blog post by researchers at Cofense, the new strain ofmalware, named WSH Remote Access Tool (RAT) by its developer, is a variant of the VBS (Visual Basic Script) based Houdini Worm (H-Worm) first created in 2013.

This new iteration comes ported to JavaScript (JS) from HWorm’s original codebase of Visual Basic. WSH is likely a reference to the legitimate Windows Script Host, which is an application used to execute scripts on Windows machines.


[above via Scmagazineuk post] – Update 1 / Update 2


City of Burlington falls for Phishing Scam

13th June 2019 | Location: Burlington Reported Here

The city of Burlington says it has fallen victim to a $503,000 phishing scheme. City staff received a “complex phishing email,” requesting to change banking information for an “established city vendor,” the city said in a press release. About $503,000 was transferred to a falsified bank account for the vendor on May 16, the city said. After realizing the mistake on May 23, the city says it immediately notified their bank and Halton Regional Police. They also put in “additional internal controls” to make sure it doesn’t happen again.


[above via CBC post] – Update 1 / Update 2


Hackers Plant Phishing Links in Google Calendar

11th June 2019 | Website: Google Calendar Reported Here

A sophisticated scam is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications as well as through other Google services, including Photos and Forms, according to Kaspersky.

In these scams, criminals are exploiting Gmail calendar’s default feature that automatically adds calendar invitations and notifications.


[above via Infosecurity post] – Update 1 / Update 2