The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital. In a statement to BleepingComputer, the DC Police stated that…
A financially motivated threat actor exploited a zero-day bug in SonicWall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. The group, tracked by Mandiant threat analysts as UNC2447, exploited the CVE-2021-20016 SonicWall vulnerability to breach networks and deploy FiveHands ransomware payloads before patches were…
FBI shares with HIBP 4 million email addresses involved in Emotet attacks | IT Security News 27. April 2021 The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed in malware campaigns. Last week, European law enforcement has conducted an operation aimed at performing a…
A Rochester Institute of Technology sophomore discovered a vulnerability on a partner website of Experian that allows anyone to look up credit scores with a name and mailing address. Bill Demirkapi found the leak when he was looking for information about student loan vendors online. He discovered the code behind a page that used an…
Endpoint Security , Governance & Risk Management , Identity & Access Management Bureau Shares Emails of Those Affected With Have I Been Pwned Breach Notification Service Jeremy Kirk (jeremy_kirk) • April 27, 2021 Photo: FBI The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been…
Executive Summary Informations Name CVE-2021-1084 First vendor Publication 2021-04-29 Vendor Cve Last vendor Modification 2021-04-29 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
A researcher is claiming that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, that he said was left open on a lender site without even basic security protections. Experian downplayed concerns from the security community that the issue could be systemic.
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Fraud Risk Management Coalition Offers a Framework for Disrupting Attacks Scott Ferguson (Ferguson_Writes) • April 29, 2021 A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of…
UK rail network Merseyrail was hit by a cyberattack, ransomware operators breached the corporate email system to disclose the attack to employees and journalists. UK rail network Merseyrail, which operates rail services across Merseyside, announced it was a victim of a cyber attack. A ransomware gang has also compromised the email system of the organization to…
CISO Trainings , Recruitment & Reskilling Strategy , Training & Security Leadership Study Points to Need for Extensive On-the-Job Training Prajeet Nair (@prajeetspeaks) • April 29, 2021 Clar Rosso, CEO of (ISC)2 – Photo: (ISC)2 Only 13% of cybersecurity professionals in North America had a cybersecurity education before getting into the sector, according…
