Light Dark
August 5, 2019 By David Bisson 3 min read

Last week in security news, Capital One disclosed a security incident that exposed the personal information of more than 100 million customers. Security researchers also came across a new family of Android ransomware, a new installation method for AgentTesla and a new TrickBot version. Finally, digital attackers used scams to commit click fraud and steal access to users’ bank accounts.

Top Story of the Week: The Capital One Breach

Capital One revealed that it had discovered a security incident on July 19 in which an outside individual gained unauthorized access to the bank holding company’s systems. This party subsequently obtained personal information about Capital One credit card customers as well as individuals who had previously applied for the company’s products. Overall, Capital One estimated the impact of the breach at approximately 100 million Americans and about 6 million Canadians.

Upon discovering the incident, Capital One fixed the issue and began working with federal law enforcement.

Source: iStock

Also in Security News

  • Researchers Discover a New Android Ransomware Family: ESET witnessed bad actors spreading around the ransomware, detected as Android/Filecoder.C, by submitting malicious posts to Reddit and the XDA Developers forum. Upon successful infection, the ransomware pivoted to a victim’s contact list and sent out SMS messages with malicious links to all contacts. It then encrypted most files on the victim’s device before displaying its ransom note.
  • Attackers Embrace a New AgentTesla Delivery Method: At the end of July, My Online Security spotted digital attackers using Choice.exe, a Microsoft default file found in all current Microsoft OS versions, to distribute the AgentTesla keylogger/infostealer. Even so, they didn’t stray from generic order/invoice emails as their preferred attack vector.
  • New TrickBot Version on the Lookout for Windows Defender: According to Bleeping Computer, security researchers detected a new version of TrickBot that goes after Windows Defender, the native antivirus software installed on a Windows 10 machine. Following execution, this malware initiated a loader that attempted to disable Windows services and processes associated with security software such as Defender.
  • Malvertising Campaign Delivering Malicious Flash Player Installer: In June 2019, Cisco Talos spotted digital attackers leveraging a technique known as “domain parking” to launch a malvertising campaign. Specifically, the operation used a website redirecting Safari browsers to a domain to deliver a malicious Flash Player installer.
  • Scammers Using Malicious QR Codes to Target Bank Accounts: Malwarebytes learned of a scam in which fraudsters asked if users would pay for their parking by scanning a QR code using their mobile banking app. If they did scan the code, however, the users inadvertently forfeited their account credentials to the fraudsters.
  • WhatsApp Scam Lures in Users With Promise of Free Internet: At the end of July, ESET researchers in Latin America received a WhatsApp message that claimed the service could provide them with 1,000 gigabytes worth of free internet. Clicking on the message’s link redirected users to a page hosting a questionnaire; this page then instructed users to tell 30 of their contacts about the questionnaire for the hidden purpose of committing click fraud.

Security Tip of the Week: How to Defend Against Scam Campaigns

ESET noted in its analysis of the WhatsApp ruse that digital attackers will continue to use social attacks like scams to lure in users:

“Attacks that rely on social engineering are rampant, simply because they continue to be very effective. Con artists know full well that everybody likes to receive something for free or help others, and these are just some of our traits that make us susceptible to fraud…. If we want to avoid getting caught out, we need to keep up on the scammers’ methods and watch out for red flags.”

Security professionals can help in this regard by using test engagements to strengthen all employees’ awareness of scams, phishing attacks and other social campaigns. Companies should situate this emphasis on training within the context of a layered email security strategy that also employs spam control, mail scanning and other security controls.

 |  |  |  |  |  |  |  |  |  |  |  |  |  | 
David Bisson
Contributing Editor

More from

May 3, 2024

What we can learn from the best collegiate cyber defenders

3 min read - This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams were tasked with managing IT infrastructure during this migrational period and, as an added bonus, the networks were simultaneously attacked by a group of red…

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

May 1, 2024

New proposed federal data privacy law suggests big changes

3 min read - After years of work and unsuccessful attempts at legislation, a draft of a federal data privacy law was recently released. The United States House Committee on Energy and Commerce released the American Privacy Rights Act on April 7, 2024. Several issues stood in the way of passing legislation in the past, such as whether states could issue tougher rules and if individuals could sue companies for privacy violations. With the American Privacy Rights Act of 2024, the U.S. government established…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature