The US Department of Homeland Security said in its first-ever Homeland Threat Assessment (HTA) report, released earlier this week, that unknown threat actors have targeted the US Census network during the last year.
The US Census Bureau is the largest US federal government statistical agency responsible for collecting statistical data about the US economy and population.
This data is then used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.
Carnival Corporation, the world’s largest cruise line operator, has confirmed that the personal information of customers, employees, and ship crews was stolen during an August ransomware attack.
Carnival is included in both the S&P 500 and the FTSE 100 indices and it has more than 150,000 employees from roughly 150 countries and over 13 million guests each year.
The company operates nine cruise line brands (Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland America Line, AIDA, Cunard, Seabourn) and a travel tour company (Holland America Princess Alaska Tours).
The ransomware attack Carnival refers to took place on August 15, 2020, and it was disclosed via an 8-K form filed with the Securities and Exchange Commission (SEC) two days later, on August 17.
Scammers mixed together a malicious cocktail of social engineering, SIM-swapping, and remote desktop software to empty the bank accounts of at least three victims.
In total, victims lost more than $350,000. They were likely swindled by the same individuals since the modus operandi and some details were the same in all three cases.
Remote access to sensitive info
The scams happened over the summer in Budapest and started with the ruse of a well-located apartment offered for sale below the market value.
Enticed by the offer, the victims showed their interest and responded to the ad, learning that the lower price was because the owner, who was living abroad, needed money urgently.
A “relative” of the owner acted as an intermediary for the transaction, and promised potential victims more pictures of the property than shown in the original online ad, along with a video.
In two cases, the scammer convinced the victims to install the AnyDesk remote desktop application to transfer the pictures and videos, Hungarian publication 24 reports.
Since AnyDesk is legitimate software, and the victims downloaded it directly from the developer’s website, there was no reason to suspect foul play.
The fraudster maintained access to the victim’s computer even after transferring the files and could search for sensitive info (documents, passwords, personal details) that would help them further in their scheme.
The goal was to log into the victim’s bank account and steal available funds, but with two-factor authentication (2FA) turned on, they also needed access to incoming messages on the mobile phone.
Technical details about a high-severity vulnerability in Facebook’s Instagram app for Android and iOS show how an attacker could exploit it to deny user access to the app, take full control of their account, or use their mobile device to spy on them.
To trigger the bug, an attacker had only to send the target a specially crafted image via a common messaging platform or over email.
The issue was in the way Instagram parsed images, so as long as the app could access the image to show it as an option for a post, the vulnerability would be triggered, allowing dangerous actions.
Popular search engines and browsers do a great job at finding and browsing content on the web, but can do a better job at protecting your privacy while doing so.
With your data being the digital currency of our times, websites, advertisers, browsers, and search engines track your behavior on the web to deliver tailored advertising, improve their algorithms, or improve their services.
In this guide, we list the best search engines and browsers to protect your privacy while using the web.
Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening.
The school district is also the largest in the Baltimore-Washington Metropolitan Area and it has a budget of $3.1 billion approved for 2021.
FCPS has over 188,000 current students and approximately 25,000 full-time employees working in 198 schools and centers within the U.S. commonwealth of Virginia.
FBI involved in the ongoing investigation
At the moment, the exact date when the ransomware impacted FCPS’s network is not yet known, but the school district says that it is collaborating with the FBI to determine what ransomware gang is behind the attack.
The Development Bank of Seychelles (DBS) was hit by ransomware according to a press statement published earlier today by the Central Bank of Seychelles (CBS).
DBS was founded in 1977 as a joint venture by the Seychelles government and several other shareholders including the European Investment Bank, Standard Chartered Bank, Barclays Bank, Deutsche Investitions und Entwicklungsgesellschaft (DEG), and Caisse Francaise de Cooperation.
Since then, the government and DBS bought the shares of Barclays Bank and DEG, giving the Seychelles government control of 60.50% of the bank’s shares.
Ransomware attack disclosed on Wednesday
According to the press release published today by CBS, the Development Bank of Seychelles reported the ransomware attack on September 9, 2020.
“Since then, CBS has been engaging with DBS to establish the exact nature and circumstances of the incident and closely monitor the developments, including the possible impact on DBS’ operations,” the press release reads.
“The CBS has stressed on the need for DBS to maintain communication with its clients and other stakeholders, particularly within the banking sector, throughout this process.”
CBS added that “engagement with DBS will also endeavor to identify areas of vulnerability that could have led to the ransomware attack.”
CBS also said that it will provide more details to the public after the ongoing investigation finds more on the attack that impacted the Development Bank of Seychelles’ systems.
BleepingComputer has reached out to the Development Bank of Seychelles for more information on the attack but has not heard back.
SeaChange International, a US-based leading supplier of video delivery software solutions, has confirmed a ransomware attack that disrupted its operations during the first quarter of 2020.
The company is traded on NASDAQ as SEAC and it has locations in Poland and Brazil. Its customer list includes telecommunications companies and satellite operators such as the BBC, Cox, Verizon, AT&T, Vodafone, Direct TV, Liberty Global, and Dish Network Corporation.
SeaChange also says that its Framework Video Delivery Platform currently powers hundreds of on-premise and cloud live TV and video on demand (VOD) platforms with more than 50 million subscribers in over 50 countries.
April ransomware attack now confirmed
BleepingComputer learned of the attack on SeaChange’s servers during April 2020 when a ransomware gang posted screenshots of files they claimed to have stolen from the company’s servers.
Among those screenshots, we found a cover letter with a Pentagon video-on-demand service proposal.
When BleepingComputer reached out to the US Department of Defense (DoD) to ask if they were aware of a SeaChange breach, the DoD declined to comment saying that it doesn’t share info on potential network intrusions or related investigations.
Online exam proctoring solution ProctorU has confirmed a data breach after a threat actor released a stolen database of user records on a hacker forum.
ProctorU is a proctoring service used by companies and colleges to monitor online tests for cheating.
Using installed software, webcams, and the computer’s microphone, ProctorU will monitor a test taker for behavior indicative of cheating. If cheating is suspected, the proctor can ask the student to show them parts of their room or desk with their webcam to ensure that cheating is not taking place.