Recent Posts

Recent Blog Posts

The PhishLabs Blog

Premera Data Breach, Ransomware Targets Gamers, SSL Patch and more | TWIC - March 20, 2015

Posted by Lindsey Havens on Mar 20, '15


Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • Banking Regulator Issues New Phishing Alert (BankInfo Security)
    A federal banking regulatory agency has issued a warning about a new phishing campaign that aims to con consumers into disclosing personal and financial details by feigning to be a request from the regulator.
  • Open SSL Patch to Plug Severe Security Holes (KrebsOnSecurity)
    The world is about to get another reminder about just how much of the Internet runs on technology maintained by a handful of coders working on a shoestring budget. 

  • Premera Blue Cross says data breach may affect 11 million customers (CSO)
    As many as 11 million customers may have been affected by a data breach at U.S. health insurance provider Premera Blue Cross, in the second large attack against the health care industry disclosed in the last two months. 

  • TeslaCrypt is a new strain of ransomware targeting users of principal gaming platforms (Security Affairs)
    A new strain of ransomware dubber TeslaCrypt was spotted in the wild by the researchers at the security firm Emsisoft. TeslaCrypt was discovered at the end of February, researchers at Bromium that analyzed the malicious code have discovered that it was distributed through a compromised WordPress website set up to redirect visitors to a page hosting the Angler exploit kit.

  • Hackers Wield Extortion Schemes Center on Lab Test Results, Nuclear Power 'Secrets' (Data Breach Today)
    Hackers are increasingly holding data for ransom, demanding everything from bitcoins to the shutdown of nuclear reactors, under the threat of leaking sensitive information. But it's not clear how many such attacks generate revenue for attackers.

  • Massive DDoS racks up $30,000-a-day Amazon bill for China activists site flooded with 2.6 billion requests an hour (The Register)
    Chinese activist site which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs. The website masks internet traffic from websites including Facebook and Google, so it can be seen in China, and does so using cloudy servers. 

  • Government Entities in Middle East Need Modern Security Solutions to Combat Modern Cyber Crime (infoTech)
    The Middle East has some very specific threats facing government entities. These come from regimes opposed to our politics as well as those wishing to benefit from industrial espionage. Meeting these concerns is a difficult task and one that requires a multilevel approach to security, which provides strength in depth. At the perimeter, securing services with DNS Firewall and ‘Volumetric Attack Prevention’ is critical; internal threats are more difficult to counter.

  • China Finally Admits It Has Army Of Hackers (The Hacker News)
    China finally admits it has special cyber warfare units — and a lot of them. From years China has been suspected by U.S. and many other countries for carrying out several high-profile cyber attacks, but every time the country strongly denied the claims. However, for the first time the country has admitted that it does have cyber warfare divisions – several of them, in fact.

Topics: Phishing, Malware, DDoS, Vulnerability, The Week in Cybercrime, Ransomware, Patch

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all