Tag Archives: Cybercriminals

10Fold- Security Never Sleeps- 141

Stolen Health Record Databases Sell For $500,000 In The Deep Web

“Underground cybercriminals increasingly targeting medical records”

Medical insurance profiles and electronic health record databases are attracting the eyes of criminals looking to steal the information to sell in the deep web. New reports show that EHR databases can sell for upwards of $500,000 on the Deep Web, and other smaller pieces of information (like insurance ID information, or medical identities) still fetch a pretty penny.

Google prevents 10 million malicious emails every 60 seconds

“Gmail users are being attacked at astonishing rates”

The Google Security Blog has posted earlier today that the security systems Google employs stop nearly over 10 million unsafe or spam emails every minute that would very likely infect the users computer. In San Francisco at last weeks RSA Conference Google contrasted threats to Google consumer vs. corporate accounts, stating that corporate users are at a greater risk to attack.

Serious Breach Linked to Chinese APTs Comes to Light

“New vulnerability affects several major organizations”

The attacks, occuring in 2015, appear to be linked to cybercriminals that many claim to be centered in China. RSA reports from earlier this month describes that Kingslayer, a supply chain attack that targeted many large organizations, breached the systems of a firm that provides event log analyzers and replaced a legitimate application with a backdoor version that allows for remote access.

 Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 109

UK Government Agencies Illegally Spied On Citizens For 17 Years

“Senior judges rule against government and expose programs”

The Investagory Powers Tribunal has investigated a complaint from the Privacy International organization. The Tribunal concluded that the collection that various British intelligence agencies had been engaged in- including the tracking of medical, tax, phone and web records for over 15 years- was not justified under its 1984 Telecommunications Act. The legislation was originally intended to be used as a national security bill, set in place to monitor dangerous criminals, and failed to meet the qualifications to continue the covert surveillance.

‘Dyre’ Re-Surfaces as ‘TrickBot’, Australian Financial services Targeted

“Possibly one of the worst Trojan viruses used against banks”

Australian users are currently being targeted by malicious software Dyre. The virus, now showing itself in the form of a TrickBot, is notorious for the millions in damages it caused since mid-2014 in Western financial circles. While the original malware disappeared in late 2015, it has reappeared with code upgrades that are now making available various stolen bank credentials to access wire transfers to steal from businesses and banks alike.

Magento Malware Hides Stolen Card Data in Image Files

“Innocent looking images become platform for data theft”

Cybercriminals have been running malicious programs through compromised websites on the Magneto platform. Sucuri and RiskIQ have both observed several dozen attacks that ended with the theft of card swiping data and several malicious PHP dumps of data into an image file.