Scoop: Cyberattack on insurance giant CNA was caused by a new ransomware group known as 'Phoenix Cryptolocker' bleepingcomputer.com/news/security/…
During CNA's ransomware attack, thousands of devices, including remote devices over VPN, were encrypted and files had the .phoenix extension appended to them.
The folllowing ransom note named PHOENIX-HELP.txt was created on devices.
We have been told that the Phoenix Cryptolocker ransomware has many code similarities with Hades, which has been attributed to the Evil Corp. bleepingcomputer.com/news/security/…
Tor is auctioning off the first Onion service ever created known as Dusk. duskgytldkxiuqc6.onion
The winning bid will receive the Onion service's RSA1024 private key as well as one-of-a-kind digital artwork named 'Dreaming of Dusk' created from the key by @IxShellS.
A new tech support scam is targeting people with fake McAfee, Microsoft, and Norton Lifelock billing notices via email, rather then using your typical shady website advertisements.
According to @VadeSecure, they have filtered over 1 million emails so far in this campaign, with it peaking at over 200K emails in a single day.
However, last month @backchannelre learned of a Google Drive folder shared online that contained private adult-themed OnlyFans content from 279 different content creators.
It is not known how much content has been shared without downloading it all but we have been told that at least one of the folders has 10 GBs of videos and images.
In a 'Data Incident' incident notification, SANS states they discovered that one of their employees' email accounts was compromised during a phishing attack.
As part of this attack, a malicous Office 365 addon (most likely an Oauth app) was installed and a rule was created to forward incoming mail to an unknown external email address.