Mount Locker demands millions in ransom, WannaCry ransomware attacks target IoT devices, and more

Major cybersecurity events on 25th September 2020 (Evening Post): Russian citizen pleads not guilty after being accused of offering a Tesla employee $1 million to enable a ransomware attack. Airbnb may be exposing private host inbox messages, bookings and earnings data.

Round Up of Major Breaches and Scams

Officials: Washington Being Targeted by Phishing Campaign

Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday. At a press conference Thursday, Inslee said that the state is taking proactive measures to protect state systems, but he said that no ransomware activity has occurred among the agencies targeted, and no state services have been impacted.

Maryland Man Gets 12 Months in Prison for Hacking Former Employer

A Maryland man was sentenced to 12 months and one day in prison for hacking into and damaging the computers of his former employer. From January 5, 2004, through August 6, 2015, the man, Shannon Stafford, 50, of Crofton, Maryland, was employed at an unnamed international company with thousands of offices worldwide, in the IT department. Employed at the company’s Washington office, Stafford provided IT technical support to the organization’s Washington, McLean, Virginia, and Baltimore offices.

Round Up of Major Malware and Ransomware Incidents

Mount Locker Ransomware Demanding Ransom Payments in the Millions

A new ransomware strain called “Mount Locker” is demanding that victims pay multi-million dollar ransom payments to recover their data. According to Bleeping Computer, the ransomware first began making the rounds in July 2020. The malicious actors responsible for this threat took a cue from other crypto-malware gangs by stealing victims’ unencrypted data and threatening to publish the data unless they received payment.

Russian Pleads Not Guilty in Foiled Tesla Ransomware Plot

A Russian citizen accused of offering a Tesla employee $1 million to enable a ransomware attack at the electric car company’s plant in Nevada denied wrongdoing Thursday before a federal magistrate judge. “I’m not guilty,” Egor Igorevich Kriuchkov said in response to a charge of conspiracy to intentionally cause damage to a protected computer. He said earlier in the hearing that he wanted “to go through the whole process as fast as possible.”

WannaCry Has IoT in Its Crosshairs

The wide variety of devices attached to the Internet of Things offers a rich target for purveyors of ransomware. Ransomware attacks are on the rise. SonicWall reported a 109% increase in ransomware in the US during the first half of 2020. Due to relatively low execution costs, high rates of return, and minimal risk of discovery compared with other forms of malware, ransomware has quickly become a preferred method of attack for cybercriminals.

Round Up of Major Vulnerabilities and Patches

Fortinet VPN with Default Settings Leaves 200,000 Businesses Open to Hackers

As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now, according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the FortiGate VPN solution to enable employees to connect remotely are vulnerable to man-in-the-middle (MitM) attacks.

Airbnb may be exposing private host inbox messages, bookings and earnings data

Airbnb may be at the heart of a severe security incident as hosts report they are able to inadvertently access private inboxes that are unrelated to their accounts. On Thursday, Airbnb hosts flooded Reddit, querying the sudden appearance of inboxes that do not belong to them when they signed into the service. In screenshots of an inbox shared on the platform, Reddit user “Autocasa” said that they had “no association with these people or their apartment names.”

Multiple Vulnerabilities in Microsoft Edge Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Microsoft Edge, the most severe of which could allow for arbitrary code execution. Microsoft Edge is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data.