In our previous Threat Intelligence article, operators of the GandCrab ransomware software, affecting half a million victims and causing hundreds of millions in losses, had announced they were shuttering operations. In July, the FBI released a flash alert announcing the release of decryption tools for all versions of GandCrab ransomware.
A Seattle-area woman has been charged with accessing tens of millions of Capital One credit card applications after allegedly taking advantage of a misconfigured firewall. Page A. Thompson, 33, has been charged with one count of computer fraud and abuse, according to a criminal complaint filed in a Seattle federal.
Researchers have uncovered a phishing campaign targeting American Express card users. Security firm Cofense discovered the attackers had been directing users to update their accounts in an attempt to steal credentials and other account details, using a difficult-to-detect hyperlink to evade spam filters.
Sprint recently notified its customers of a data breach to an undisclosed amount of network users. Hackers had gained access to customer’s online logins and had the ability to see all of the data visible in those accounts.
The U.S. military is warning users to patch Outlook to prevent Iranian state-sponsored hackers from exploiting a 2017 vulnerability.
A new State of the Phish report, released by cybersecurity firm, Proofpoint, report analyzes data related to nearly 130 million cybersecurity questions, providing employers insights into employee knowledge levels across 14 categories, 16 industries, and 20+ department classifications. Key findings include:
A data breach monitoring service has reported a database dump of over 100 million Evite users who’s information had been exposed when attackers gained unauthorized access to the digital invitation company’s servers.
A new business email compromise (BEC) tactic has been identified, targeting customers by phishing for outstanding invoices from accounting department employees.
According to an analysis by the U.S. Treasury Department’s Financial Crimes Enforcement Network, business email compromise (BEC) scams cost U.S. companies more than $300 million a month.
A former Siemens contractor has pled guilty to planting logic bombs inside spreadsheets he created for the company. Contracted to develop spreadsheets for the automated technology company, the contractor set up the spreadsheets to fail in an attempt to get more billable service hours.
New criminal sites are being developed to provide Phishing-as-a-Service (PhaaS) including low-cost phishing kits and hosting allowing attackers with little technical knowledge to easily start phishing campaigns.
The city of Griffin, Georgia, recently fell victim to a business email compromise (BEC) attack in which scammers redirected two transactions, in the amount of $800,000, to their own bank accounts
After a lengthy investigation, the U.S. Federal Trade Commission (FTC) voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal, the largest fine ever issued by the FTC.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies. Jake has served on several non-profit boards throughout his career and is a frequent speaker on D&O and cyber liability risks. Jake joined Associated Benefits and Risk Consulting (ABRC) in 2014 and his primary responsibilities include leading the firm’s management liability group and serving as global team lead.
Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
Send a Message
Find a Location