Over the last month, researchers have been monitoring the\nspread of a new ransomware variant, Zeppelin<\/a>.\nThis is the latest version of the ransomware-as-a-service that started life as\nVegaLocker\/Buran and has differentiated itself by focusing on healthcare and IT\norganizations in both the U.S. and Europe. This variant is unique in that\nextensions are not appended, but rather a file marker called Zeppelin can be\nfound when viewing encrypted files in a hex editor. <\/p>\n\n\n\n The German internet\nservice provider (ISP) 1&1<\/a> was recently fined for failing to protect\nthe identity of customers who were reaching out to their call centers for\nsupport. While the incident took place in 2018, GDPR is clear about imposing\nfines for organizations that haven\u2019t met security standards, even if retroactive\nchanges were made. 1&1 is attempting to appeal the fines and has begun\nimplementing a new authentication process for confirming customers\u2019 identities\nover the phone. <\/p>\n\n\n\n Nearly half a million payment cards belonging to Turkish\nresidents<\/a> were found in a data dump on a known illicit card selling site.\nThe cards in question are both credit and debit cards and were issued by a variety\nof banking institutions across Turkey. This likely means that a mediating\npayment handler was the source of the leak, rather than a specific bank. Even\nmore worrisome, the card dump contained full details on the cardholders,\nincluding expiration dates, CVVs, and names; everything a hacker would need to\nmake fraudulent purchases or commit identify theft.<\/p>\n\n\n\nGerman ISP Faces Major GDPR Fine<\/h2>\n\n\n\n
Turkish Credit Card Dump<\/h2>\n\n\n\n
Pensacola Ransomware Attack<\/h2>\n\n\n\n