South Korean retailer E-Land was forced to suspend operations at 23 stores after being hit by ransomware. (Source: E-Land Group)

From St. Louis to France, Ransomware Victim List Expands

Mathew J. Schwartz • November 23, 2020

Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system. A ransomware hit against hosting giant Managed.com has resulted in ongoing site outages for numerous others.

►

3rd Party Risk Management

Redefining the IAM Strategy for the Remote Workplace

Latest

Breach Notification

Fraudsters Target Cryptocurrency Platforms Through GoDaddy

Prajeet Nair • November 23, 2020

Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company has had previously issues with unauthorized access.

Cybercrime as-a-service

Qbot Banking Trojan Now Deploying Egregor Ransomware

Akshaya Asokan • November 23, 2020

The operators behind the Qbot banking Trojan are now deploying a recently uncovered ransomware variant called Egregor to target organizations across the world, according to researchers at Group-IB.

Account Takeover Fraud

Florida Man Gets 3-Year Prison Term for Account Takeover Scam

Chinmay Rautmare • November 21, 2020

A Florida man has been sentenced to 37 months in prison after pleading guilty to a federal laundering money charge stemming from a $9 million business account takeover scheme, according to the Justice Department.

Cybercrime as-a-service

Grelos Skimmer Variant Co-Opts Magecart Infrastructure

Akshaya Asokan • November 21, 2020

Researchers have identified a fresh variant of the Grelos skimmer that has co-opted the infrastructure that MageCart uses for its own skimming attacks against e-commerce sites, according to RiskIQ. The malware has been found on several small and mid-size e-commerce sites worldwide.

3rd Party Risk Management

Applying Automation to Business Continuity Planning

Suparna Goswami • November 20, 2020

To improve business continuity planning as well as third party management, organizations need to rely more on automation, says Gaurav Mahendru, solutions architect, security and risk at ServiceNow.

Breach Notification

Eye Care Center Operator's Customer Data Hacked

Marianne Kolbasuk McGee • November 20, 2020

A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year. It's unclear if a recent ransomware attack is related.

Cybercrime

Fraudsters Use Free Google Services in Phishing Campaigns

Prajeet Nair • November 20, 2020

Fraudsters are increasingly using free Google services to create more realistic phishing emails and malicious domains that circumvent security filters, the security firm Armorblox reports.

Cloud Security

AWS Flaw Allows Attackers to Find Users' Access Codes

Chinmay Rautmare • November 20, 2020

A recently uncovered vulnerability in a class of Amazon Web Service APIs can be exploited to leak AWS identity and access management user and arbitrary accounts, according to Palo Alto Networks' Unit 42.

Cyberwarfare / Nation-State Attacks

UK Forms National Cyber Force

Tony Morbin • November 20, 2020

U.K. Prime Minister Boris Johnson announced Thursday the creation of a National Cyber Force designed to strengthen Britain's cybersecurity posture and give the country new defensive and offensive capabilities. Some security experts, however, are raising concerns about recruiting enough qualified staff members.

Account Takeover Fraud

Global Financial Industry Facing Fresh Round of Cyberthreats

Prajeet Nair • November 20, 2020

Although the global financial industry has made strides in protecting its data from malware, including Trojans, cyberthreats such as network intrusion, ransomware and criminal gang cooperation are presenting fresh challenges, according to the Carnegie Endowment for International Peace.

Cybercrime as-a-service

2 Arrested for Operating Malware Encryption Service

Doug Olenick • November 20, 2020

Europol has arrested two Romanians for allegedly selling services - including malware encryption - that helped cybercriminals circumvent antivirus tools.

Business Continuity Management / Disaster Recovery

Christopher Krebs Describes Accomplishments

Anna Delaney • November 20, 2020

This edition of the ISMG Security Report features a discussion with Christopher Krebs, the recently fired director of the Cybersecurity Infrastructure Security Agency, on his accomplishments at the agency. Also featured are updates on ransomware gangs recruiting affiliates and healthcare supply chain risks.