W-2 Breach Count Hits 24, Rising Fast as More Organizations Get Phished

Tax season has begun, and with it comes renewed opportunity for cybercriminals to steal W-2 information in order to file fraudulent tax returns or sell employee data on the dark web. The past two weeks have seen at least 24 organizations publicly tied to W-2 data breaches — and more breach announcements will likely be made in the coming months.…

Organizations Struggle with Third Party and Supply Chain Cybercrime, Says New Report

The past year saw organizations struggle with third-party issues as malicious actors shifted their tactics towards weak points in the supply chain and exploited the interconnected nature of cybercrime, according to a new report from SurfWatch Labs. “One of the most telling statistics in all of SurfWatch Labs’ evaluated cyber threat data is the rise of…

San Francisco Muni Refuses Extortion Demands, But Many Others Choose to Pay

The San Francisco Municipal Transportation Agency (SFMTA) is continuing to deal with the fallout from a Friday ransomware attack that affected 900 office computers and led to passengers getting free rides as ticket machines were taken offline. The agency has since restored systems from a backup, and fares have been running as normal since Sunday; however, the…

Recent Campaigns Highlight Evolving Social Engineering Tactics

Over the past month, researchers have observed several new phishing campaigns that demonstrate a more sophisticated and targeted approach to social engineering by threat actors. For example, on Monday Trustwave wrote about the Carbanak gang targeting the hospitality and restaurant sectors. The actors began the attack by using public tools such as LinkedIn to find the names…

Yahoo and Others Face Cybercrime-Related Brand Damage

A month after announcing one of the largest data breaches ever, Yahoo is continuing to deal with the subsequent fallout and reputation damage related to that massive cyber theft. On September 22, Yahoo confirmed that information associated with at least 500 million user accounts was stolen. The day after that breach announcement, Yahoo saw a 474 percent rise in…

DDoS Attacks Dominate News, Spark Calls for Regulation

Last week’s massive distributed denial-of-service (DDoS) attacks, which made popular websites and services inaccessible to users across the East Coast and elsewhere, have since led to widespread concern about insecure Internet-connected devices and calls for government agencies to get involved in order to ensure those devices are secured against future attacks. In fact, the attack against…

Malicious Insiders Remain a Difficult and Growing Problem

Earlier this month, the Department of Justice unsealed a criminal complaint against a contractor for the National Security Agency, alleging the theft of highly classified information. Like Edward Snowden in 2013, Harold Thomas Martin III, 51, of Glen Burnie, Maryland, worked for Booz Allen Hamilton and is accused of exploiting his insider access in order…

Fraudsters Exploit Hurricane Matthew to Create More Victims

Hurricane Matthew is over — having been officially downgraded on Sunday — and a clearer picture of the aftermath has begun to emerge. More than 1,000 people were killed by the hurricane, including at least 35 in the United States. Although the storm has moved out to sea, flooding continues here in the U.S., and in Haiti, which was hit…

WADA, Presidential Election Highlight Threat of Data Being Altered

Last week the World Anti-Doping Agency (WADA) released an update about its investigation into the recent hack and subsequent leaks of Olympic athletes’ confidential information, and one of the more interesting revelations was that some of the stolen data may have been manipulated prior to being leaked. “WADA has determined that not all data released…

Stolen Data, Extortion and the Media: A Look at TheDarkOverlord

After making headlines by targeting a number of healthcare organizations over the summer, the cybercriminal actor known as TheDarkOverlord re-emerged last week with a new victim: California investment bank WestPark Capital. As we noted in last week’s cyber risk roundup, the leak of documents from WestPark Capital is the first time SurfWatch threat analysts have observed TheDarkOverlord targeting…