PINDROP BLOG

Category: Hacking

June 28, 2017
Petya-Derived Ransomware Is Acting Like Shamoon
UPDATE–Security researchers are continuing to delve into the details of the latest ransomware outbreak, and have found that the ExPetr ransomware has a number of interesting characteristics that separate it from other variants and raise questions about its purpose. The ExPetr or NotPetya ransomware shares some code and behavior with the older Petya ransomware, but researchers…
Read More →
June 27, 2017
Petya-Like Ransomware Hits Companies Across Europe
A fast-moving ransomware attack has hit a number of companies in several European countries and the United States, the second such widespread ransomware outbreak in as many months. The attack was originally thought to be a new variant of the Petya ransomware, but researchers have said that it appears to be an entirely new ransomware strain. There…
Read More →
June 26, 2017
Anthem Settles Data Breach Suit for $115 Million
Anthem Inc., the victim of one of the more extensive data breaches in U.S. history, has agreed to pay a settlement of $115 million to consumers affected by the incident. The settlement is believed to be the largest ever to result from a data breach in the U.S. and would end a class-action lawsuit that followed…
Read More →
June 22, 2017
WannaCry Still Causing Trouble a Month On
More than a month after the WannaCry ransomware began making its way through networks around the world, the worm still is causing serious trouble in some places. Honda this week had to shut down an auto assembly plant temporarily due to a WannaCry infection, and the ransomware also has hit traffic cameras in Australia. Officials…
Read More →
June 22, 2017
Lawsuit Filed After Personal Data of Nearly 200 Million Voters Exposed
A few days after the personal data of nearly 200 million registered American voters was accidently exposed online due to an “improperly configured security setting”, some of the people affected by the breach have filed a class-action lawsuit against the analytics company responsible for the leak. A total of 1.1 terabytes of data were available…
Read More →
June 21, 2017
Microsoft Makes Edge Bug Bounty Permanent
Microsoft is making the bug bounty for its Edge browser a permanent program, a significant change to the way the company incentivizes researchers to find vulnerabilities in the application. It’s been a little less than a year since Microsoft launched the bounty as a temporary offering with the Windows 10 Insider Preview. The idea was…
Read More →
June 21, 2017
Malvertising Campaign Tied to Ransomware Attack on UK Universities
The mobile ransomware infections that hit a number of universities in the U.K. recently have been traced back to a malvertising network and the Astrum exploit kit. The attacks against several universities, including University College London, emerged last week and initially there were fears that they were connected to the WannaCry ransomware outbreak. But researchers at…
Read More →
June 20, 2017
South Korean ISP Nayana Pays $1M Ransom to Decrypt Servers
An ISP in South Korea that was hit with a deep ransomware infection in recent days has agreed to pay more than $1 million to recover access to its encrypted data. The company, Nayana, said that it had been hit with the Erebus ransomware about 10 days ago, and spent several days trying to recover…
Read More →
June 19, 2017
Europol Hits Group Allegedly Selling Security Evasion Tools
Europol has arrested six people as part of a wide-scale operation to crack down on cybercriminals who sell tools such as crypters and anti-AV that help attackers evade security defenses. The operation involved authorities in several countries and over the course of several days earlier this month, Europol officials made arrests and conducted interviews in…
Read More →
June 16, 2017
Email Compromise Campaign Hits Hundreds of Companies
A large-scale, long-term business email compromise campaign has been targeting large industrial companies, including those in the energy, metals, and power sectors. The campaign has been running for several years and has included a variety of tactics, namely compromises of corporate email systems, network exploitation, social engineering, and highly targeted phishing messages. Researchers at Kaspersky…
Read More →