Zeppelin Ransomware Spreading

Over the last month, researchers have been monitoring the spread of a new ransomware variant, Zeppelin. This is the latest version of the ransomware-as-a-service that started life as VegaLocker/Buran and has differentiated itself by focusing on healthcare and IT organizations in both the U.S. and Europe. This variant is unique in that extensions are not appended, but rather a file marker called Zeppelin can be found when viewing encrypted files in a hex editor.

German ISP Faces Major GDPR Fine

The German internet service provider (ISP) 1&1 was recently fined for failing to protect the identity of customers who were reaching out to their call centers for support. While the incident took place in 2018, GDPR is clear about imposing fines for organizations that haven’t met security standards, even if retroactive changes were made. 1&1 is attempting to appeal the fines and has begun implementing a new authentication process for confirming customers’ identities over the phone.

Turkish Credit Card Dump

Nearly half a million payment cards belonging to Turkish residents were found in a data dump on a known illicit card selling site. The cards in question are both credit and debit cards and were issued by a variety of banking institutions across Turkey. This likely means that a mediating payment handler was the source of the leak, rather than a specific bank. Even more worrisome, the card dump contained full details on the cardholders, including expiration dates, CVVs, and names; everything a hacker would need to make fraudulent purchases or commit identify theft.

Pensacola Ransomware Attack

The city of Pensacola, Florida was a recent victim of a ransomware attack that stole, then encrypted their entire network before demanding $1 million ransom. In an unusual message, the authors of the Maze ransomware used explicitly stated that they had no connection to the recent shootings at the Pensacola Naval Base, nor were they targeting emergency services with their cyberattack.

Birth Certificate Data Leak

An unnamed organization that provides birth certificate services to U.S. citizens was contacted earlier this week in regard to a data leak of nearly 750,000 birth certificate applications. Within the applications was sensitive information for both the child applicant and their family members, which is highly sought after by scammers because it is relatively easy to open credit accounts for children with no prior credit history. Researchers are still waiting to hear back from the organization after finding this data dump in an unsecured Amazon Web Services bin.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This