A ransomware outbreak has besieged a Wisconsin-based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The strain of ransomware strain that infected the Virtual Care Providers Inc (VCPI) network is a private ransomware-as-a-service known as Ryuk, distributed by the operators of Trickbot. While Ryuk operators often choose large corporations as targets, but the risk of attack is high for small and medium-size businesses as well. Ryuk victims typically encounter very high ransom demands.
Retail giant Bed Bath & Beyond revealed in a recent filing with the U.S. Securities and Exchange Commission (SEC) that some online customer accounts were accessed by a third party. Unauthorized access was achieved through “credential re-use,” using stolen usernames and passwords from a different source to access accounts. Hackers are able to do this because of the prevalence of using the same username and password to access multiple accounts.
In a recent phishing campaign, scammers attempted to use the promise of pay raises to bait employees into revealing their Microsoft Office 365 account credentials.
Attackers have been using a Windows update spam campaign to deploy a relatively new ransomware known as “Cyborg.” The email appears to come from Microsoft, and directs recipients to an attachment described as the “latest critical update.”
The Financial Crimes Enforcement Network (FinCEN) reports losses from business email compromise (BEC) scams average over $300 million per month.
Hackers are targeting the employees of large companies with a fake email appearing to come from the U.S. Equal Employment Opportunity Commission (EEOC) alleging sexual harassment in an attempt to get the employees to download the “TrickBot” banking Trojan payload..
A new threat actor is using email to impersonate U.S. and European government agencies in an attempt to deliver ransomware, backdoors and banking Trojans through malicious attachments.
As cybersecurity advances, so do methods of distributing malware undetected by antivurus and email security programs, best illustrated by a new phishing campaign that using a malicious ZIP file designed to bypass secure email gateways to distribute a remote access Trojan (RAT) known as NanoCore.
Cybercriminals were cashing in on Black Friday and Cyber Monday shoppers with an array of scams and malware, including domain impersonation, social media giveaway scams, and a malicious Chrome extension. While online shopping scams are not new, researchers warn of an uptick in more sophisticated scams this year.
On November 23, Joker’s Stash, one of the largest black market sites for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards.
The operators of the ransomware as a service (RaaS) known as Nemty have found a new distributor for their file-encrypting malware; Trik. The malware is spread to systems with its Server Message Block (SMB) network communication protocol exposed on the web and protected by weak credentials.
The strain of ransomware, known as Ryuk and distributed by the Russian-speaking Wizard Spider financial crime syndicate, is innovating by using the Wake-on-LAN (WoL) utility to reach snoozing systems that it otherwise would not be able to encrypt. Ryuk operators have been using the Emotet Trojan to deliver a Trickbot payload to install the Ryuk ransomware.
How safe is your organization? Take the Cyber Risk Scorecard survey to assess your current cybersecurity standing and find additional steps your organization can take to protect against common cyber threats.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies. Jake has served on several non-profit boards throughout his career and is a frequent speaker on D&O and cyber liability risks. Jake joined Associated Benefits and Risk Consulting (ABRC) in 2014 and his primary responsibilities include leading the firm’s management liability group and serving as global team lead.
Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
Send a Message
Find a Location