Phishing Scam Costs Texas School District $2.3 Million

The Manor Independent School District in Texas lost $2.3 million after an employee fell for a phishing scam. KSAT is reporting that scammers sent the phishing email to multiple people at the school district, but one person fell for the scam. The individual, who did not realize the bank account information was changed …

Layer 7 Weekly Round Up: 01/06 Edition

THE BIG STORY: 1. Travelex Currency Exchange Being Held for Ransom. Foreign exchange firm Travelex is being held for ransom following a cyberattack that shut down all its computer systems. The REvil (Sodinokibi) ransomware group told the BBC that it carried out the attack and is demanding $3 million, paid in bitcoin, from the company. WE’RE …

Go Read Details About Google’s Three-Year Fight Against the Bread Group

Google has removed more than 1,700 apps infected with Bread financial-fraud malware from its Google Play store over the past three years. In a blog post published yesterday, Google shared details about its fight against the Bread group, calling it one of the most persistent threats the company has faced. Google first started tracking …

Firefox Vulnerability Being Exploited in the Wild

Mozilla is urging Firefox users to update their browsers to the latest version immediately. According to TechCrunch, hackers are using a vulnerability in the Firefox browser to carry out “targeted attacks” against users. The vulnerability, found in Firefox’s just-in-time compiler, could allow attackers to take control of a user’s entire operating system. …

REvil Ransomware Is Being Delivered To Organizations Via Pulse Secure VPN

An unpatched vulnerability in Pulse Secure’s Zero Trust VPN is being exploited to install REvil (Sodinokibi) ransomware. In April of last year, Pulse Secure issued a patch for the vulnerability. Unfortunately, many organizations did not apply the patch. Now security researcher Kevin Beaumont is warning organizations to fix the vulnerability immediately. According to …

New Ransomware Targeting Organizations’ Corporate Network

Security researchers have discovered a new ransomware targeting organizations, Bleeping Computer reports. According to the MalwareHunterTeam, the ransomware, dubbed SNAKE, is targeting organizations’ entire corporate network. After discovering the ransomware last week, the MalwareHunterTeam shared it with security researcher Vitali Kremez. An analysis of the virus found that it is written in Golang …

Key Findings: Bitdefender 2019 Hacked Off Report

Cybercriminals have evolved, and continue to evolve, faster than the industry can keep up. As a result, cyber professionals have had to up their game. A survey from Bitdefender found that more than one-third of IT security pros believe they are currently facing a cyberattack but do not know about it. The global survey of …

Travelex Currency Exchange Being Held for Ransom

Earlier this month, Travelex, a major international foreign currency exchange, confirmed that it was hit by malware. Now, various news sites are reporting that hackers are holding the company ransom. The malware attack occurred on December 31, and “as a precautionary measure in order to protect data” the London-based company took its systems offline. …

Homeland Security Warns of Potential Iranian Attacks

On Saturday, the Department of Homeland Security issued a strong warning about the potential for Iranian cyberattacks against critical US infrastructure and other US-based targets, CNN reported. Following the US airstrike that killed Iranian General Qasem Soleimani, acting Homeland Security Secretary Chad Johnson issued a warning via the National Terrorism Advisory System — a rarely …

Serious Vulnerabilities Affecting Cisco Data Center Network Manager

Cisco has issued software updates to patch several critical and high-severity vulnerabilities in its Data Center Network Manager. The vulnerabilities, which were reported by security researcher Steven Seeley, are caused by static encryption keys and credentials and affect the REST API endpoint, the SOAP API endpoint, and the web-based management interface. Although Cisco is …