Last month, the City of Torrance, California fell victim to\na ransomware attack that shut down many of their internal systems and demanded\n100 Bitcoins to not publish the stolen data. Along with the roughly 200GB of\ndata it stole from the city, the DoppelPaymer<\/a>\nransomware also deleted all local backups and encrypted hundreds of\nworkstations. At this time, it\u2019s uncertain whether the City of Torrance has\nchosen to pay the ransom, as the malware authors seem to have diligently removed\nany means for the City to recuperate on their own.<\/p>\n\n\n\n Over 700 malicious packages have been discovered within the RubyGems<\/a>\nmain program and file repository. These originated from just two accounts and\nwere uploaded over a single week period in late February. Between them, the\nmany packages have a combined download number of over 100,000, most of which\nincluded a cryptocurrency script that could identify and intercept cryptocurrency\ntransactions being made on Windows\u00ae devices. While this isn\u2019t the first time malicious\nactors have used open source file repositories to distribute malicious payloads,\nthis infiltration of an official hub for such a long period of time speaks to\nthe lack of security within these types of systems. <\/p>\n\n\n\n Late last week, the Maze\nRansomware<\/a> group took aim at New Jersey-based internet service provider,\nCognizant, and took down a significant portion of their internal systems. The\nattack occurred just a day after the removal of a dark web post that offered access\nto an IT company\u2019s systems for $200,000. It had been listed for nearly a week.\nWhile Cognizant has already begun contacting its customers about the attack, the\ntrue extent of the damage remains unclear. <\/p>\n\n\n\n The Federal Trade Commission recently released statistics on\nthe number of complaints they\u2019ve received specifically related to the COVID-19\npandemic: it\u2019s over 17,000 in just a three-month period. While this number is\nassuredly less than the actual number of COVID-19\nrelated scams<\/a>, these reported complaints have resulted in a sum of over $13\nmillion in actual losses, ranging from fraudulent payments to travel\ncancellations and refunds. Additionally, the FTC was able to catalogue over\n1,200 COVID-19 related scam calls reported by people on the Do Not Call list.<\/p>\n\n\n\nMalicious Packages Hidden Within Popular File Repository<\/h2>\n\n\n\n
Maze Ransomware Targets Cognizant ISP<\/h2>\n\n\n\n
COVID-19 Scams Net $13 Million<\/h2>\n\n\n\n
Customer Data Stolen from Fitness App<\/h2>\n\n\n\n