• 330 SPAR stores close or switch to cash-only payments after a cyberattack
    by Pierluigi Paganini on December 6, 2021 at 7:40 pm

    A cyber attack hit the international supermarket franchise SPAR forcing 330 shops in North East England to shut down. A cyberattack hit the international supermarket franchise SPAR impacting the operations at 330 shops in North East England. Many stores were forced to close or switch to cash-only payments after the attack. SPAR operates 13,320 stores The post 330 SPAR stores close or switch to cash-only payments after a cyberattack appeared first on Security Affairs.

  • DMEA Colorado electric utility hit by a disruptive cyberattack
    by Pierluigi Paganini on December 6, 2021 at 3:55 pm

    A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. The company has discovered a security breach on November 7, the attack disrupted phone, email, billing, and customer account systems. The The post DMEA Colorado electric utility hit by a disruptive cyberattack appeared first on Security Affairs.

  • Ubiquiti breach an inside job, says FBI and DoJ
    by Christopher Burgess on December 6, 2021 at 1:17 pm

    The recent unsealing of a grand jury multi-count indictment for Nikolas Sharp provides a unique and convoluted series of criminal events. It seems Sharp undertook to put approximately $2 million into his pocket via a data theft and extortion effort, with a twist of “whistleblower” claims thrown in to confuse investigators in an attempt at self-exoneration. As with many criminal enterprises, they reach their point of collapse when everything goes toes up. When Sharp’s employer Ubiquiti Networks essentially told the criminal extorting them to pound sand, they no doubt felt this grand scheme was dying a fast death.    According to Sharp’s LinkedIn page, he had the role of “cloud lead” for Ubiquiti from August 2018 to March 2021. By all accounts, he was a trusted member of the Ubiquiti team. To read this article in full, please click here

  • Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform
    by Pierluigi Paganini on December 6, 2021 at 11:40 am

    Threat actors stole more than $150 million in various cryptocurrencies from the cryptocurrency trading platform BitMart. Cryptocurrency trading platform BitMart has disclosed a security breach, threat actors stole than $150 million in various cryptocurrencies. “We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot The post Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform appeared first on Security Affairs.

  • Cuba Ransomware Nets Nearly $50m
    on December 6, 2021 at 11:15 am

    Threat actors behind the Cuba ransomware variant have amassed $44m

  • Nine State Department Phones Hijacked by Spyware
    on December 6, 2021 at 10:38 am

    NSO Group “shuts down” customers after Uganda-linked operation

  • A security practitioner's take on CISA’s Incident and Vulnerability Response Playbooks
    by Chris Hughes on December 6, 2021 at 10:00 am

    President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity tasked the U.S. Cybersecurity and Infrastructure Security Agency (CISA) with developing a standard set of operational procedures for the Federal Civilian Executive Branch (FCEB) to use when responding to incidents and vulnerabilities. CISA recently released the Cybersecurity Incident & Vulnerability Response Playbooks as a single document. While this guidance is intended for FCEBs, it may be applicable to other entities as well. To read this article in full, please click here(Insider Story)

  • Malware variability explained: Changing behavior for stealth and persistence
    by Andrada Fiscutean on December 6, 2021 at 10:00 am

    Cybercriminal gangs from Eastern Europe have always followed a rule: Don't steal from Russians or their former Soviet allies. Groups like REvil or DarkSide put kill switches inside their malicious code, checking if the language on the machine it lands on is Russian, Ukrainian, Georgian, Armenian, or Romanian. If it is, the malware simply fails to install. To read this article in full, please click here(Insider Story)

  • Romance Fraudster Targeted 670 Women Online
    on December 6, 2021 at 9:07 am

    Nigerian romance fraudster awaits sentencing after pleading guilty

  • Hackers are sending receipts with anti-work messages to businesses’ printers
    by Pierluigi Paganini on December 6, 2021 at 8:54 am

    Hackers are targeting printers of businesses around the world to print ‘anti-work’ slogans pushing workers to demand better pay. Multiple employees are sharing on Twitter and Reddit the images of anti-work messages sent to the printers of their organizations. The messages encourage workers to protect their rights and discuss their pay with coworkers and demand The post Hackers are sending receipts with anti-work messages to businesses’ printers appeared first on Security Affairs.