Categories
Breach Credential Stuffing Cyber Security Data leak Hacking Identity theft Malware Phishing Ransomware

Home Depot agrees to $17.5 million settlement over 2014 data breach, New WAPDropper malware stealthily subscribes you to premium services, and more

Major cybersecurity events on 25th November 2020 (Evening Post): Home Depot agrees to $17.5 million settlement over 2014 data breach, New WAPDropper malware stealthily subscribes you to premium services, Crooks impersonate US govt agencies offering financial aid.

Round Up of Major Breaches and Scams

Banijay Employee Data Potentially Breached After Super-Producer Falls Victim To Cyber Attack

Highly sensitive employee data, including bank account details and home addresses, may have been breached after super-producer Banijay was the victim of what could be a major hack late last week. Banijay, the company behind global hits including MasterChef and Big Brother, had its IT systems compromised by a bad actor demanding a ransom, potentially exposing the personal information of hundreds, if not thousands of staff.

Home Depot agrees to $17.5 million settlement over 2014 data breach

Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of a data breach suffered by the company in 2014. Delaware Attorney-General Kathy Jennings announced the settlement on Tuesday, in which a total of 46 states, as well as the District of Columbia, have reached a resolution with the US retailer.

Crooks impersonate US govt agencies offering financial aid

Cybercriminals looking to steal personal information are baiting U.S. citizens with emails purporting to be from government agencies offering federal assistance. The purpose of the phishing campaigns is to collect personal data that could be used for identity theft or usernames and passwords that could be used for credential stuffing attacks.

Cyber-attacks Reported on Three US Healthcare Providers

Three healthcare providers in Florida, Georgia, and New York are notifying patients that their protected health information may have been exposed in recent cyber-attacks involving ransoms. Warnings went out to patients of Advanced Urgent Care of the Florida Keys on November 6 regarding a ransomware attack that took place on March 1, 2020.

Round Up of Major Malware and Ransomware Incidents

Law In Order hit by ransomware attack

Law In Order, an Australian supplier of document and digital services to law firms, suffered a ransomware infection over the weekend that is believed to be the Netwalker malware. After detecting the attack, Law In Order said it halted many of its business operations and called in cyber security advisers to assist in the investigation and incident response.

New WAPDropper malware stealthily subscribes you to premium services

Security researchers are warning of a new malware family that currently targets mobile phone users to subscribe them silently to legitimate premium-rate services. Named WAPDropper, the malware is a multi-function dropper that can deliver second-stage malware and uses a machine learning solution to bypass image-based CAPTCHA challenges.