Business ID Theft Soars Amid COVID ClosuresIdentity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that's spent years targeting small businesses across the country and is now pivoting toward using that access for pandemic assistance loans and unemployment benefits.
ShinyHunters Offers Stolen Data on Dark WebThe threat actor offers more than 26 million records from a series of data breaches.
Ratings for Open Source Projects Aim to Make Software More SecureTwo companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?
Microsoft Revamps Windows Insider Preview Bug Bounty ProgramResearchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.
Ransomware attack on Garmin thought to be the work of 'Evil Corp'
Russian cybercrime gang is believed to be responsible for taking Garmin services offline
A ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cybercriminal gang which calls itself “Evil Corp”.
Garmin began to restore services to customers on Monday morning, after being held hostage for a reported ransom of $10m, although some services were still operating with limited functionality.
Ransomware is the most common form of criminal malware currently in use. Targets are commonly infected through malicious emails, which may trick them into downloading and running the software, or through exploiting vulnerabilities in other software such as Adobe Flash. When the ransomware program is activated, it encrypts the user’s hard drive with a single use encryption key, before flashing up a message asking for ransom, typically in the form of a payment in the cryptocurrency Bitcoin.
Related: Garmin down: how to still get your activities on to StravaContinue reading...
Attackers Exploiting High-Severity Network Security Flaw, Cisco WarnsAttackers are exploiting a high-severity vulnerability in Cisco's network security software products, which is used by Fortune 500 companies.
CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malwareQSnatch malware, first spotted in late 2019, has grown from 7,000 bots to more than 62,000, according to a join US CISA and UK NCSC security alert.
Almost 4,000 databases now wiped in ‘Meow’ attacks
The attackers and their motivations remain unknown; however, the incidents yet again highlight the risks of careless data security
The post Almost 4,000 databases now wiped in ‘Meow’ attacks appeared first on WeLiveSecurity