Cyber Bites

Thanksgiving eCard Emails Distributing Malware

With Thanksgiving being celebrated in the United States, malware distributors are sending out holiday themed emails to distribute the Emotet Trojan and other malware. New email campaigns are underway that pretend to be Thanksgiving Day greeting cards and office closing notices with last minute invoices. Users who fall for the emails and open the attached word documents will be left with a Windows computer infected with a password-stealing Trojan and possibly other malware.

Source: Bleeping Computer

The post Thanksgiving eCard Emails Distributing Malware appeared first on IT Security Guru.

Malicious SDK banned from Facebook and Twitter

Twitter warned its users that a software development kit (SDK) developed by oneAudience could have allowed that company to obtain account information. Facebook also posted a notice concerning not only the oneAudience SDK, but also for fellow SDK maker Mobiburn. OneAudience confirmed the problem and then shut down the SDK along with its associated websites but said the data was never intended to be collected, never added to its database and never used.

Source: SC Magazine

The post Malicious SDK banned from Facebook and Twitter appeared first on IT Security Guru.

Major data breach hits Palo Alto Networks

The cybersecurity firm Palo Alto Networks has admitted that it suffered a data breach which resulted in the personal data of both past and current employees being leaked online. Business Insider, who broke the story, was first made aware of the breach by a former employee of the company that wished to remain anonymous.

Source: Tech Radar

The post Major data breach hits Palo Alto Networks appeared first on IT Security Guru.

James Fisher and Son “No indication” data lost during cyber attack

Cumbrian marine services firm James Fisher and Sons has said there is no indication that personal or commercially sensitive data was lost during a recent cyber attack. In a trading update the Barrow-headquartered business appeared to reveal the attack had been centred on its JFD arm, which provides diving equipment and rescue training to commercial clients and the defence sector, with specific emphasis on submarines.

Source: NEW Mail

The post James Fisher and Son “No indication” data lost during cyber attack appeared first on IT Security Guru.

DiBella’s data breach affecting 305,000 cards occurred because of Fin7

Fifteen months after DiBella’s Old Fashioned Submarines was notified by the FBI and credit card companies of a data breach the sandwich shop chain has issued a notice informing its customers of the incident. The company reported its stores in Connecticut, Indiana, Michigan, Ohio, New York and Pennsylvania may have had the information on as many as 305,000 payment cards compromised. DiBella’s said it was informed by the FBI and its credit card firms on August 27, 2018 of the data breach and that Fin7 were the likely actors behind the attack gaining access to the company’s payment card data and computer system.

Source: SC Magazine

The post DiBella’s data breach affecting 305,000 cards occurred because of Fin7 appeared first on IT Security Guru.

Medical records locked by ransomware at Great Plains Health

Additional Security

Lorem ipsum dolor sit amet

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam elit enim, lacinia at eleifend vitae, mattis vitae arcu. Maecenas faucibus, neque sit amet venenatis malesuada, libero elit consectetur dolor, ut tempus ligula urna vel ligula. Maecenas nulla elit, aliquam quis sollicitudin dignissim, ullamcorper consectetur arcu. Aenean ornare sem urna, vel aliquet lacus hendrerit non. Mauris cursus lectus nec dui fringilla viverra. Phasellus molestie erat non risus blandit, eu tincidunt felis aliquet. Pellentesque enim massa, vulputate eu quam in, interdum pellentesque leo. Aliquam non scelerisque dui, quis semper turpis. Nam eget semper dolor.

Lorem ipsum

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Lorem ipsum

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Lorem ipsum

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Lorem ipsum

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Lorem ipsum dolor sit amet

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam elit enim, lacinia at eleifend vitae, mattis vitae arcu. Maecenas faucibus, neque sit amet venenatis malesuada, libero elit consectetur dolor, ut tempus ligula urna vel ligula. Maecenas nulla elit, aliquam quis sollicitudin dignissim, ullamcorper consectetur arcu. Aenean ornare sem urna, vel aliquet lacus hendrerit non. Mauris cursus lectus nec dui fringilla viverra. Phasellus molestie erat non risus blandit, eu tincidunt felis aliquet. Pellentesque enim massa, vulputate eu quam in, interdum pellentesque leo. Aliquam non scelerisque dui, quis semper turpis. Nam eget semper dolor.

additional security

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam elit enim, lacinia at eleifend vitae, mattis vitae arcu. Maecenas faucibus, neque sit amet venenatis malesuada, libero elit consectetur dolor, ut tempus ligula urna vel ligula. Maecenas nulla elit, aliquam quis sollicitudin dignissim, ullamcorper consectetur arcu.

A solution for every business need

We offer a wide range of services within this category. Please contact us today to further explore the areas in which you can improve your IAM systems.

About

IT Security.org are based in the UK, offering a range of IT security solutions ranging from compliance and risk management to testing, training and much more.

Follow Us

Contact Us

© Copyright ITSecurity.Org Ltd 2015-2019 All Rights Reserved. Company Registration Number:11208508. Registered office address: 27 Old Gloucester Street, Holborn, London, United Kingdom, WC1N 3AX. VAT Reg.299747227

Over 80,000 devices were hijacked by Dexphot Malware and used to Mine Cryptocurrency

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and also uses various methods to outwit detection efforts, including an obfuscated script designed to check for antivirus products, and regularly-scheduled malware updates.

Source: Threatpost

The post Over 80,000 devices were hijacked by Dexphot Malware and used to Mine Cryptocurrency appeared first on IT Security Guru.

Social media giants Facebook and Twitter ban malicious SDK that deleted member info

Twitter warned its users that a software development kit (SDK) developed by oneAudience could have allowed that company to obtain account information. Facebook also posted a notice concerning not only the oneAudience SDK, but also for fellow SDK maker Mobiburn. OneAudience confirmed the problem and then shut down the SDK along with its associated websites but said the data was never intended to be collected, never added to its database and never used.

Source: SC Magazine

The post Social media giants Facebook and Twitter ban malicious SDK that deleted member info appeared first on IT Security Guru.