Tuesday 6/4
CRN®, a brand of The Channel Company has named Gotham Technology Group to their 2019 Solution Provider 500 list at spot #181.
This annual list ranks the largest North American IT channel partner organizations by revenue. The Solution Provider 500 is the industry standard for recognizing the highest performing technology integrators, strategic service providers and IT consultants.
http://bit.ly/3175GNj
Quest Diagnostics says 11.9 million patients affected by data breach
According to the filing, the breach was a result of malicious activity on the payment pages of the American Medical Collection Agency, a third-party collections vendor for Quest. The “unauthorized user” siphoned off credit card numbers, medical information and personal data from the site. Laboratory test results were not among in the stolen data, Quest said.
https://tcrn.ch/2KpQ95r
New HiddenWasp Linux Malware Focused Solely on Achieving Targeted Remote Control
Targeted remote control isn’t the usual objective of Linux-based malware. One of these goals involves launching distributed denial-of-service (DDoS) attacks against targeted systems. The other common end is mining for cryptocurrency.
https://ibm.co/2WN6ZSg
Wednesday 6/5
Checkers restaurant chain discloses card breach
Checkers and Rally's, one of the biggest drive-thru restaurant chains in the US, disclosed a security incident yesterday that impacted over 100 locations. In a security notice published on its website, the company said hackers breached its systems and planted malware on its payments processing system.
https://zd.net/2WKOYUK
BlackSquid malware uses bag of exploits to drop cryptocurrency miners
The overall aim is to compromise web servers, network drives, and removable storage to install XMRig, a Monero cryptocurrency miner script, on target machines.
https://zd.net/2WH7aPf
HawkEye Malware Operators Renew Attacks on Business Users
HawkEye is designed to steal information from infected devices, but it can also be used as a loader, leveraging its botnets to fetch other malware into the device as a service for third-party cybercrime actors.
https://ibm.co/2XpYdql
Thursday 6/6
Google Cloud Network Disruption Blamed On Configuration Change
A configuration change was the culprit behind Google Cloud’s almost four-hour network service disruption on Sunday that slowed or prevented the use of Google services including Google Cloud Platform, YouTube, Gmail and Google Drive, according to the cloud provider.
http://bit.ly/2KvSQCp
Mailboard: Hackers can now pose as victims through their keyboards
On Wednesday, researchers said they have developed a new form of attack, dubbed Malboard, which is able to evade detection products "that are intended to continuously verify the user's identity based on personalized keystroke characteristics."
https://zd.net/2MzO3Ta
Friday 6/7
CCTV cameras enslaved to infiltrate air-gap networks
"In an infiltration scenario, an attacker standing in a public area (e.g., in the street) uses IR LEDs to transmit hidden signals to the surveillance camera(s)," the paper reads. "Binary data such as command and control (C&C) and beacon messages are encoded on top of the IR signals."
https://zd.net/2WvfKB2
Android malware once found a way onto phones before they even shipped
Given the way that Android ROMs work, it’s a near-impossibility for even big companies to build ROMs that don’t include some kind of third-party code. Google says that it offers OEMs a “Build Test Suite” which can scan for malware like Triada to help mitigate such risks.
http://bit.ly/2HZXBCF
NSA Warns Microsoft Windows Users: Update Now or Face ‘Devastating Damage’
In an advisory published this week, the NSA has urged "Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threat." That threat being BlueKeep.
http://bit.ly/2K2Z658