Texas Ransomware Attack Affects 23 Government Agencies
The Texas Department of Information Resources (DIR) has issued a statement confirming the state has experienced a major ransomware incident that has affected multiple agencies. For security reasons, the names of the affected agencies have not been released, but DIR has confirmed that at least 23 government entities have been affected by “a coordinated ransomware attack.’ The systems and networks of the State of Texas were not...
Xwo Web Scanner Used to Identify Unprotected MongoDB Databases
Security researchers at AT&T Alien Labs have identified a new ‘malware’ variant that is being used to identify potential targets. The web scanner has been named Xwo, based on the name of its main module. Xwo is python-based and actively scans for exposed web services and default passwords. Xwo scans for services such as MongoDB, Memcached, MySQL, PostgreSQL, Redis, Tomcat, and FTP for any default credentials that have not been...
August 2019 Patch Tuesday Sees More Than 90 Vulnerabilities Patched
August 2019 Patch Tuesday has seen Microsoft issue fixes for 93 vulnerabilities across Windows, Microsoft Browsers, Microsoft Office, and Outlook. 26 of the vulnerabilities have been rated critical. Somewhat unusually, there are no patches to address currently exploited zero-day vulnerabilities in this month’s updates; however, it is still important to apply the updates as soon as possible as it is unlikely to be long before exploits...
Massive 540+ Website Spoofing Campaign Identified
A massive spoofing campaign has been detected targeting customers of Walmart and other well-known brand which attempts to get them to part with sensitive personal information. The campaign was detected by DomainTools, which identified more than 540 malicious domains that had been set up by the same threat actor. The websites included job sites, online dating sites, movie download sites, and numerous sites targeting fortune 500 brands...
2019: A Particularly Bad Year for Healthcare Data Breaches
Cyberattacks on healthcare organizations have continued to increase throughout the first half of 2019 and this year has seen the discovery of the second largest healthcare data breach ever reported. American Medical Collection Agency experienced a cyberattack in which the records of more than 20 million patients were exposed and potentially stolen. It should be no surprise to hear that in terms of both the number of healthcare data...