Barnes and Noble Customers Might Be More Exposed in Ransomware Attack Than Company Admits
Millions of Dickey's Restaurant customers' data for sale on the dark web, DOJ indicts botnet-related money-laundering group members, C-Span's Scully lied about hack, Iran admits cyberattacks, more
Plugging away: check out my column today at CSO on the common pitfalls that cybersecurity researchers face when attributing attacks to specific threat actors.
Top bookseller Barnes and Noble confirmed it suffered a cyberattack. The attack, likely a ransomware attack, took place on October 10. B&N said that its customers' personal information may have been accessed by the intruders, including email addresses, billing addresses, shipping addresses, and purchase history. Cyberintelligence firm Bad Packets said that Barnes and Noble used Pulse servers that were subject to a severe flaw (CVE-2019-11510) and that the loss of data could be more severe than the retailer is letting on. The cyber-break-in forced the bookseller to take its systems offline this week, causing disruption for many of its customers. (Lawrence Abrams / Bleeping Computer)
Related: The Register, SlashGear, SlashGear, ZDNet Security, Threatpost, The Mac Observer, Dashlane Blog, Daily Mail, TechNadu, Techspot, Reddit - cybersecurity, Engadget, ABC News: U.S., SecurityWeek, Reddit - cybersecurity, The State of Security, Infosecurity Magazine, E Hacking News, Security Affairs, E Hacking News, HOTforSecurity, CNN.com, DataBreaches.net, Cyberscoop, Android Central, Business Insider, The Mac Observer, Dark Reading: Database Security, Security Week, Exploit One, Lifehacker, DataBreachToday.com
More Than Three Million Credit Cards Stolen at Dickey’s Barbeque Restaurants for Sale on Carding Forum
Credit card data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country. The carding bazaar Joker’s Stash debuted “BlazingSun,” a new batch of more than three million Dickey’s stolen card records, advertising valid rates of between 90 and 100 percent, indicating that the compromise of the card data was recent. (Brian Krebs / Krebs on Security)
Related: Help Net Security, ZDNet, iMore, Cyberscoop
DOJ Indicts 14 Members of International Money Laundering Group With Ties to Malware Botnets
The Justice Department unsealed charges against fourteen members of an international money laundering group known as QQAAZZ. The group has been active since 2016 and operated by advertising its services on Russian-speaking hacker forums. QQAAZZ had connections with operators of malware botnets such as Dridex, Trickbot, and GozNym. According to the indictment, the fourteen members operated a large network of bank accounts and money mules that allowed malware gangs to funnel money from hacked accounts to new, clean destinations. (Catalin Cimpanu / ZDNet)
Related: Bleeping Computer, Infosecurity Magazine, Justice.gov, Cyberscoop, The Register - Security, Europol
C-SPAN Political Editor Scully Placed on Leave After Admission He Lied About Getting Hacked
C-Span’s senior executive producer and political editor Steve Scully has been placed on administrative leave after he admitted lying about getting hacked. Scully had been selected by the Commission on Presidential Debates to moderate a presidential debate that was ultimately canceled when Donald Trump refused to do it remotely. But before that, Scully had claimed that what appeared to be a private message with Trump friend-turned-foe Anthony Scaramucci was a hack. Earlier this week, Scully confessed that he lied on the spur of the moment about that message. (Brian Stelter / CNN)
Related: RT USA, Startups News | Tech News, The Sun, Raw Story, Axios, Daily Mail, The Guardian, TribLIVE Today's Stories, Star Tribune, AOL, Bloomberg Politics, Digg Top Stories, LA Daily News, The Seattle Times, Star Tribune, POLITICO, The Independent, Daily Beast, Stars and Stripes, Courthouse News Service, TribLIVE Today's Stories, Capital Gazette, Mediaite, BuzzFeed, Variety, Washington Examiner
Egregor Ransomware Gang Claims to Have Attacked Game Makers Ubisoft, Crytek
The Egregor ransomware gang hit French game developer Crytek in a confirmed ransomware attack and leaked what they claim are files stolen from Ubisoft's network. The Egregor hackers claim to have hacked the network of Germany’s Ubisoft and to have stolen unencrypted data, including the source code for the upcoming Watch Dogs: Legion game. (Lawrence Abrams / Bleeping Computer)
Related: ZDNet Security, Security Affairs, Slashdot
‘Silent Librarian’ Hacking Group Targets Academic Institutions with Phishing Emails
A group of Iranian hackers with a history of attacking academic institutions, codenamed Silent Librarian, has come back to life to launch a new series of phishing campaigns, security firm Malwarebytes says. The phishing emails contain links to a website posing as the university portal or an associated app, such as the university library. The fake websites are designed to capture victims’ login credentials. (Catalin Cimpanu / ZDNet)
Related: Tripwire, Infosecurity Magazine, The State of Security
Iran Said Two Government Agencies Have Been Hit by Cyberattacks
Iran admitted that two of its government agencies have been hit by cyberattacks. According to Abolghasem Sadeghi, Deputy Security Director of the Information Technology Organization of Iran, these cyberattacks took place on October 12 and 13, “on a large scale” but did not cause damage. Iran has not publicly identified the source of the attacks. (The Cyber Shafarat – Treadstone 71)
Related: Security Week, Security Affairs, Big News Network, RT News, Fars News Agency, Associated Press Technology, Tech Xplore
Other Cybersecurity News
- Cruise company Carnival Corporation said it suffered a ransomware attack on August 15, exposing the personal data of guests and employees of Carnival Cruise Line, Holland America Line, and Seabourn. The company is offering free credit monitoring to potential victims. (Jessica Haworth / The Daily Swig) Related: Threatpost, Security Magazine
- Cybersecurity company McAfee set the terms of its initial public offering, expecting 37 million shares to range in price between $19 and $22 per share, which could earn McAfee up to $682 million and stockholders another $132 million, for a total of $814 million. This would value the company at $9.5 billion. (Eduard Kovacs / Security Week)
Photo by Phil Hearing on Unsplash