Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Credit to Author: BrianKrebs| Date: Thu, 07 Nov 2019 19:48:03 +0000

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

Read more

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Credit to Author: BrianKrebs| Date: Sun, 03 Nov 2019 21:41:48 +0000

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse.

Read more

Cachet Financial Reeling from MyPayrollHR Fraud

Credit to Author: BrianKrebs| Date: Fri, 25 Oct 2019 00:50:44 +0000

When NY based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payments processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway, graciously eating a $26 million loss which it is now suing to recover.

Read more

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Credit to Author: BrianKrebs| Date: Mon, 02 Sep 2019 20:52:00 +0000

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are likely just the opening salvo in a much larger, ongoing federal investigation into the company’s commercial email practices.

Read more

Phishers are Angling for Your Cloud Providers

Credit to Author: BrianKrebs| Date: Fri, 30 Aug 2019 16:21:59 +0000

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals.

Read more

The Rise of “Bulletproof” Residential Networks

Credit to Author: BrianKrebs| Date: Mon, 19 Aug 2019 13:03:32 +0000

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Most often, those connections are hacked computers, mobile phones, or home routers. But this is the story of a sprawling “bulletproof residential VPN” service that appears to have been built by acquiring chunks of Internet addresses from some the largest ISPs and mobile data providers in the United States and abroad.

Read more

SEC Investigating Data Leak at First American Financial Corp.

Credit to Author: BrianKrebs| Date: Mon, 12 Aug 2019 20:30:17 +0000

The U.S. Securities and Exchange Commission (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned.

Read more

Who Owns Your Wireless Service? Crooks Do.

Credit to Author: BrianKrebs| Date: Wed, 07 Aug 2019 22:43:58 +0000

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists. If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

Read more