If you have an iCloud account, it's time to change your password now. A London-based hacker group calling itself the Turkish Crime Family is threatening to reset the passwords for 250 million iCloud accounts and remotely wipe customer data unless Apple pays $75,000 in ransom by April 7. Some security experts have been skeptical of the claim, but investigation by others has revealed an undetermined number of accounts are likely at risk. • Read More
Users of Docs.com, Microsoft's free document-sharing site tied to Office 365, may be surprised to discover the documents they've been posting are being indexed by search engines and shared publicly. Researchers have been able to get access to documents containing sensitive information simply by using the site's search bar to search for terms like "passwords," "SSN," or "account number". • Read More
Ransomware attacks are rarely reported by healthcare organizations as data breaches, but that may be starting to change. An Austin-based provider became the second urology practice in as many weeks to provide their patients with notice their data may have been compromised by a ransomware attack. •Read More
During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites. •Read More
New data from network security provider WatchGuard indicates nearly one third of malware attacks utilize samples that are new and considered "zero-day" because it's managed to avoid prior discovery. • Read More
New easy-to-use ransomware-as-a-service (RaaS) platforms are giving even novice cyber-criminals the ability to launch sophisticated — and profitable — attacks.
With demand for RaaS skyrocketing and more and more malware developers rushing to meet it, we're seeing the creation of a new highly competitive (and increasingly innovative) ransomware marketplace. As a result, companies need to be prepared to face a larger number and wider variety of ransomware attacks than ever. • Read More
Since its discovery in January 2017, Satan has quickly gained notoriety as one of the most polished and "user-friendly" RaaS platforms to date. Its easy-to-use online portal provides criminals with everything they need to launch and track ransomware campaigns, including code for encrypting their samples to help them evade detection.
Learn how Satan works, how to know if you've been infected, and see how Barkly stops Satan ransomware samples with runtime malware defense. • Read More
Attackers behind Cerber ransomware, currently one of the most active ransomware families, have adopted a new technique designed to sneak their malicious code past security solutions that rely on machine learning.
Find out how they're doing it and what adjustments you need to make to prevent your organization from getting infected. • Read More
That's a wrap for this week. To get updates like these delivered straight to your inbox subscribe to our blog.