ISS: Security incident impacting parts of the IT environment
www.fi.issworld.com/ On 17 February 2020, ISS was the target of a malware attack. As a precautionary measure and as part of our standard operating procedure, we immediately disabled access to shared IT services across our sites and countries, which ensured the isolation of the incident.
Dharma Ransomware Attacks Italy in New Spam Campaign
www.bleepingcomputer.com/news/security/dharma-ransomware-attacks-italy-in-new-spam-campaign/ Security researchers JAMESWT, TG Soft, and reecDeep all noticed a new spam campaign today that is infecting users with the Ursniff keylogger or the Dharma Ransomware.
Swiss Govt Says Ransomware Victims Ignored Warnings, Had Poor Security
www.bleepingcomputer.com/news/security/swiss-govt-says-ransomware-victims-ignored-warnings-had-poor-security/ Switzerlands Reporting and Analysis Centre for Information Assurance (MELANI) today warned of ongoing ransomware attacks targeting the systems of Swiss small, medium-sized, and large companies.
The BlackBerry Cylance 2020 Threat Report
threatvector.cylance.com/en_us/home/the-blackberry-cylance-2020-threat-report.html Key topics discussed in the report: Continued evolution of ransomware tactics that include the increased availability of Ransomware-as-a-Service (RaaS) offerings, and instances where ransomware developers have collaborated with banking Trojan developers to exfiltrate data prior to encryption to be used to further extort victims.
Dozens Of Fake Help Desk Phone Numbers Seized In Fraud Investigation
nltimes.nl/2020/02/19/dozens-fake-help-desk-phone-numbers-seized-fraud-investigation The Netherlands’ authority on consumers and markets ACM and Dutch telecom providers together revoked 100 numbers that where used for fake help desks to scam people, ACM announced on Wednesday.
Hackers Were Inside Citrix for Five Months
krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/ Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.