Iowa’s largest school district confirms ransomware attack, data theft

June 19, 2023

Des Moines Public Schools, Iowa’s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. […] Read More

BleepingComputer

30,000+ Individuals Impacted in Fidelity Investments Third-party Data Breach

[[{“value”:”

Over 30,000 individuals have been left vulnerable after a third-party data breach involving Fidelity Investments Life Insurance Company (FILI).

The breach, orchestrated through Infosys McCamish (IMS), a third-party service provider, has raised serious concerns about the security measures to protect sensitive customer information.

A Breach of Trust and Data

Fidelity Investments, a cornerstone in the financial services sector, found itself precarious when IMS notified them in November of a “cybersecurity event” that had severely disrupted its services.

Document

Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

Interact with malware safely
Set up virtual machine in Linux and all Windows OS versions
Work in a team
Get detailed reports with maximum data

If you want to test all these features now with completely free access to the sandbox: ..

An investigation conducted with a third-party firm’s assistance revealed that IMS’s systems were compromised between October 29 and November 2.

The breach allowed unauthorized access to critical data, including names, Social Security numbers, states of residence, and even bank account details.

Jeff Margolies, chief product and strategy officer at Saviynt, emphasized the growing threat of third-party breaches, stating, “Enterprises are highly reliant on third-party service providers, who are now often the easiest vector into an enterprise’s most critical data.”

The breach has resulted in the exposure of personal information belonging to approximately 30,000 individuals.

According to the Maine.gov submission, the affected individual’s personal information has been compromised.

Fidelity’s Proactive Measures

Fidelity has taken several steps to mitigate the impact on affected individuals in response to the breach.

The company is reviewing its records to identify all impacted parties and is working closely with IMS to address the breach’s ramifications.

Additionally, Fidelity offers affected customers 24 months of free credit monitoring through TransUnion Interactive and advises them to review their financial statements and credit reports vigilantly for any suspicious activity.

Data Breach Notifications

The breach has prompted a formal notification process, with Fidelity Investments Life Insurance & Empire Fidelity Investments Life Insurance, based in Smithfield, United States, disclosing the breach’s details.

Brian Leary, Chief Compliance Officer, has been at the forefront of this communication, emphasizing the company’s commitment to transparency and rectification.

Entity InformationDetailsType of OrganizationFinancial ServicesEntity NameFidelity Investments Life Insurance & Empire Fidelity Investments Life InsuranceAddress900 Salem Street, Smithfield, United StatesTotal Number of Persons Affected28,268Total Number of Maine Residents Affected162Breach Occurrence Dates10/29/2023 – 11/02/2023Breach Discovery Date02/13/2024Description of the BreachExternal system breach (hacking) due to third-party software vulnerability at Infosys McCamish Systems LLC

As Fidelity Investments navigates through the aftermath of this breach, the incident serves as a stark reminder of the vulnerabilities inherent in relying on third-party service providers.

It highlights the critical need for stringent cybersecurity measures and proactive monitoring to safeguard against such breaches in the future and ensure the protection of individuals’ sensitive information.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

The post 30,000+ Individuals Impacted in Fidelity Investments Third-party Data Breach appeared first on Cyber Security News.

“}]] Read More

Cyber Security News

Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

[[{“value”:”The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data.
"Organizations often store a variety of data in SaaS applications and use services from CSPs," Palo Alto Networks Unit 42 said in a report published last week.
"The threat”}]] Read More

The Hacker News | #1 Trusted Cybersecurity News Site

21 Newly Uncovered Malware Variants Attacks MacOS Users

[[{“value”:”

The “Security 360: Annual Trends Report 2024” provides a comprehensive overview of the evolving cybersecurity landscape, focusing on device risks, application risks, malware and attack evolution, and web-based risks.

It emphasizes the importance of understanding and mitigating these risks to protect valuable business secrets and personal information.

This article examined the impact of security trends on 15 million Jamf-protected devices across 90 countries, including iOS, macOS, iPadOS, Android, and Windows, over 12 months that analysis occurred in Q4 2023.

You can analyze a malware file, network, module, and registry activity with the ANY.RUN malware sandbox, and the Threat Intelligence Lookup that will let you interact with the OS directly from the browser.

Threat Landscape Evolution

The report highlights the continuous evolution of the threat landscape, noting an increase in sophisticated attack vectors aimed at compromising devices, tricking users, and infiltrating organizations.

It points out that 8% of organizations had a mobile device accessing a third-party App Store, and 40% of mobile users were running a device with known vulnerabilities, underscoring the prevalence of device risks.

The analysis also reveals that 2.5% of devices had a vulnerable application installed, indicating significant application risks.

The report identifies various attack vectors, including social engineering tactics that have become more compelling. It stresses the importance of protecting users from these attacks.

It highlights the need for organizations to be vigilant against threats targeting all platforms, whether the devices are company-owned or BYO (bring your own).

Device, Application, Malware, and Web-based Risks

Device Risks: The complexity of modern devices introduces new vulnerabilities, with 40% of mobile users running devices with known vulnerabilities. The report emphasizes the importance of maintaining up-to-date operating systems to mitigate these risks.

Application Risks: Both native and web applications pose risks, with vulnerabilities needing management within the application software. The report found that 2.5% of devices had a vulnerable application installed.

Malware and Attack Evolution: The report discusses the evolution of malware and attacks, including the increasing sophistication of social engineering tactics.

Web-based Risks: The prevalence of web-based threats is highlighted, with findings that the Firewall feature was disabled on 55% of Macs, indicating a lack of basic security measures.

Based on research, here is a complete list of all the new Mac malware cases we studied and counted in 2023:

Malware family% of all Mac malwareAdware36.77PUA35.24Trojan17.96Exploit4.40Ransomware2.00Downloader0.92Hacktool0.67Coinminer0.64Certificate0.64Dropper0.56Infostealer0.25Spyware0.23Malware0.20Keylogger0.04Network0.026Virus0.01Rogue0.01Hyperlink0.01

Phishing

Phishing is the greatest web danger because of its low effort and high success rate. 9% of users were phished in 2023, up 1% from 2022.

This increase in phishing instances shows attackers’ shift toward directly targeting individuals, frequently via social media, to exploit remote or hybrid workforces using personal devices for work.

Phishing is the top threat, and for good reason: minimal effort for maximum success (Source: Jamf)

According to the survey, mobile devices were 50% more effective for phishing attempts than Macs, emphasizing the need for enterprises to improve data security and educate users.

Cryptojacking

Cryptojacking affects 1% of devices and 9% of companies, making it a significant danger. Cryptojacking, initially warned of in 2011, increased 399% in the first half of 2023 to 332.3 million instances.

Threat actors now profit from cryptojacking, not only resource theft. According to the paper, Jamf Threat Labs discovered cryptojacking malware in pirated macOS software, indicating its pervasiveness and the importance of enterprises taking it seriously.

To combat these threats, the report recommends adopting industry best practices such as using integrated management and security products, hardening endpoints, keeping operating systems and applications up-to-date, and implementing multi-layered, defense-in-depth protections.

These practices are essential for managing threat exposure and enhancing organizations’ overall security posture.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.