dcsimg

Yandex sysadmin caught selling access to email accounts

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The company says it spotted the breach after a routine check by its security team. They found that one of their system administrators with access to customer accounts was allowing … [Read more...]

Malwarebytes detects leaked tools from FireEye breach

Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team assessment tools used for identification of vulnerabilities to help protect customers. While it is not known exactly who was behind this attack, a big concern is the sharing and use of these stolen red team tools by both sophisticated and non-sophisticated actors, similar to what we saw in 2017 … [Read more...]

Securing the MSP: their own worst enemy

We’ve previously discussed threats to managed service providers (MSPs), covering their status as a valuable secondary target to both an assortment of APT groups as well as financially motivated threat groups. The problem with covering new and novel attack vectors, however, is that behind each new vector is typically a system left unpatched, asset management undone, a security officer not … [Read more...]

A week in security (January 20 – 26)

Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes. Other cybersecurity news Cisco’s Talos Intelligence Group discovered a new data stealer and … [Read more...]

Frankfurt’s IT networks grinds to a halt amid Emotet attack

The week before Christmas, Frankfurt saw the unwelcome return of Emotet, a banking trojan that recently came out of hiding to terrorise organisations across the globe.  The malware spread through the city’s systems, forcing officials to shut down its IT network, causing huge delays to government services.  This is the fourth time in recent weeks that Emotet has struck in Germany, following attacks … [Read more...]

Travelex falls victim to Sodinokibi ransomware attack

Travelex, a foreign exchange company with headquarters in London, has been hit by a ransomware attack, forcing it to shut down all computer systems across its 1,500 branches. Although the organisation said no personal data has been compromised, the criminal hackers behind the attack claimed to have acquired more than 5GB of personal data, including dates of birth, payment card information and … [Read more...]

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can better protect its users’ privacy, the continuous trending of the MegaCortex ransomware, how cyberbullies … [Read more...]

What to do when you discover a data breach?

Your cell phone goes off in the middle of your well-deserved sleep and you try to find it before your partner wakes up as well. “What could be wrong? Why would they page me in the middle of the night?” More asleep than awake, you stumble down the stairs and call the number on the screen, which you already recognize as the one in use by the chief of the night shift. When you ask why you were … [Read more...]

Facebook’s plain text misstep, and other password sins

Two days after an article by Brian Krebs disclosed that hundreds of millions of Facebook account passwords had been stored in plain text for years, Facebook released a statement indicating they hash and salt passwords, more or less in accordance with industry best practice. Plain text storage of credentials is a fairly egregious security misstep, but there’s a variety of other ways … [Read more...]