{"id":29457,"date":"2019-11-22T06:00:10","date_gmt":"2019-11-22T13:00:10","guid":{"rendered":"https://www.webroot.com/blog/?p=29457"},"modified":"2019-11-21T17:01:54","modified_gmt":"2019-11-22T00:01:54","slug":"cyber-news-rundown-shade-ransomware-most-distributed-variant","status":"publish","type":"post","link":"https://www.webroot.com/blog/2019\/11\/22\/cyber-news-rundown-shade-ransomware-most-distributed-variant\/","title":{"rendered":"Cyber News Rundown: Shade Ransomware Most Distributed Variant"},"content":{"rendered":"\n<h2>Shade Ransomware Takes Crown as Most Distributed Variant<\/h2>\n\n\n\n<p>Over the course of 2019, one ransomware variant, known as <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/shade-ransomware-is-the-most-actively-distributed-malware-via-email\/\">Shade<\/a>, has taken over 50 percent of market share for\nransomware delivered via email. Otherwise known as Troldesh, this variant receives\nregular updates to further improve its encryption and methods of generating\nadditional revenue from both cryptomining and improving traffic to sites that\nrun ads. In just the first half of 2019, attacks using Troldesh dramatically\nrose from 1,100 to well over 6,000 by the second calendar quarter. <\/p>\n\n\n\n<h2>PayMyTab Leaves Customer Data Exposed<\/h2>\n\n\n\n<p>For more than a year, sensitive customer data belonging to\nusers of the mobile payment app <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/paymytab-exposes-data-of-us\/\">PayMyTab<\/a>\nhas been publicly exposed in an online database using no security protocols.\nEven after being contacted multiple times regarding the data breach, the\ncompany has yet to fully secure customer data and may have to take drastic\nmeasures to fully secure their data storage after allowing virtually unlimited\naccess to anyone with an interest in personal data. 
<\/p>\n\n\n\n<h2>Credentials Dump for Major Service Sites<\/h2>\n\n\n\n<p>Login credentials for two highly trafficked websites were\ndiscovered in a <a href=\"https:\/\/arstechnica.com\/information-technology\/2019\/11\/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites\/\">data\ndump<\/a> earlier this week. One dump belonged to GateHub, a cryptocurrency\nwallet with potentially up to 1.4 million user credentials stolen, including\nnot only usernames and passwords, but also wallet hashes and keys used for\ntwo-factor authentication. The second dump contained information on 800,000\nusers of EpicBot, a RuneScape bot used to automate tasks in the skill-centric\nMMORPG. Both dumps appeared on dark web marketplaces on the same day, and,\nseemingly by coincidence, both sites use bcrypt hashing for passwords, which\nshould make them exceedingly difficult to crack, assuming it was set up\nproperly. <\/p>\n\n\n\n<h2>Louisiana Government Systems Hit with Ransomware<\/h2>\n\n\n\n<p>Multiple Louisiana state service sites were taken offline\nearly Monday morning following a <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/louisiana-government-suffers-outage-due-to-ransomware-attack\/\">ransomware\nattack<\/a> that affected mostly transportation services. All 79 of the state\u2019s\nDMV locations were forced to close until systems were returned to normal, as\nthey were unable to access DOT services to assist clients. While it is still\nunclear what variant of ransomware was used, the state of Louisiana did have a\ncybersecurity team in place to stop any further spread of the infection. <\/p>\n\n\n\n<h2>Magecart Targets Macy\u2019s Online<\/h2>\n\n\n\n<p>Nearly a week after the initial breach, <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/macys-online-customers-hit-by\/\">Macy\u2019s<\/a>\nofficials noticed some unauthorized access between their main website and an\nundisclosed third-party site. 
The breach itself appears to have compromised\npayment card data for any customers who input their credentials during the\nfirst couple of weeks of October. Macy\u2019s has since removed the illicitly added\ncode from their sites as well as contacted both payment card providers and\naffected customers regarding the breach. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Shade Ransomware Takes Crown as Most Distributed Variant Over the course of 2019, one ransomware variant, known as Shade, has taken over 50 percent of market share for ransomware delivered via email. Otherwise known as Troldesh, this variant receives regular updates to further improve its encryption and methods of generating additional revenue from both cryptomining [&hellip;]<\/p>\n","protected":false},"author":47,"featured_media":29467,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[],"yst_prominent_words":[25203,3959,4965,6665,4139,25117,3769,21687,4047,20085,25201,8223,20231,25209,3937,25199,25205,4167,25207,5439],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29457"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/47"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=29457"}],"version-history":[{"count":1,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29457\/revisions"}],"predecessor-version":[{"id":29461,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29457\/revisions\/29461"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/29467"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=29457"}],"wp:term":[
{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=29457"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=29457"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=29457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}