This week, we present the latest stories and events in the field of email, email security, phishing, data breaches, regulations, and trends.
Ransomware in the News
I’m old enough to remember life without a computer in the house, so I was a bit surprised to learn that the first ransomware attack happened 30 years ago!
Cybercriminals have come a long way since 1989 as they continue to employ a mix of old and new tactics to scam businesses and end-users out of millions of dollars. For the second time this year, Louisiana’s state government systems were hit with ransomware. Fortunately, they were better prepared after the previous attack, so they suffered no data losses and did not pay a ransom.
Other reported incidents included:
- An attack on a Wisconsin based IT company that provides cloud hosting and security services to more than 100 nursing homes across the United States
- A ransomware attack on a school district in New Jersey
- An attack on Chicopee, Massachusetts public schools
Business Email Compromise Threats Continue
Business email compromise continues to be a growing threat due to the potential to extort large payouts from victims. A prominent incident reported last week included one in which fraudsters diverted $742,000 from the City of Ocala in Florida.
Reports of business email compromise typically discuss the facts about the incident itself – how it happened, how much money was lost, and actions taken to protect from future losses, but what is rarely reported is what legal action, if any, a company takes against the employee who was successfully tricked by one of these scams. But last week, a judge ruled on a case against an employee of a Scotland based company who was tricked into transferring approximately $200,000 to a cybercriminal.
Other Recent Incidents
Other recent incidents include:
- A hacking incident that exposed T-Mobile customers’ personal information
- A group of white-hat hackers successfully hacked Office 365, Safari, Chrome, and D-Link routers.
- Thousands of accounts hacked hours after Disney+ launched
- ProtonMail blocked in Belarus following wave of bomb threats across the country
New Trends We’re Watching
Other recent incidents show evolving threat vectors and attack techniques, including the Raccoon Stealer malware that bypasses Microsoft Messaging Gateways, a WhatsApp vulnerability that can remotely execute code, specially crafted ZIP filese used to bypass secure email gateways, Google Assistant on Android devices could be tricked into taking photos or videos, and the growing threat of fake Windows updates.
Staying informed of current and emerging threats and tactics is the first step in protecting yourself and your business. Check back often for the latest updates..