Tag: Cybercrooks | SpinSafe

Fidelity National now says 1.3M customers had data stolen by cyber-crooks • The Register

January 10, 2024/in Internet Security

Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.

The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of title insurance and settlement services in the US, disclosed the “cybersecurity incident” in an 8-K filing with the SEC that same month.

At the time, the corporation said the digital break-in forced it to shut down some IT systems and disrupted some of its title and mortgage-related services.

Ransomware gang ALPHV/BlackCat claimed responsibility for the attack shortly after, though the crew revealed few details about what data they allegedly stole. This was before law enforcement seized the gang’s dark-web site in December.

FNF also has yet to describe the incident as a ransomware infection, and did not respond to The Register‘s inquiries about the nature of the cybersecurity incident.

In an amended 8-K report filed on Tuesday, FNF provided additional details about the intrusion that it said were based on the findings of its forensic investigation, which was completed on December 13.

“We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data,” the SEC filing says. “The company has no evidence that any customer-owned system was directly impacted in the incident, and no customer has reported that this has occurred. The last confirmed date of unauthorized third-party activity in the company’s network occurred on November 20, 2023.”

FNF also said it notified about 1.3 million customers whose data was stolen, and will provide credit monitoring and identity services to those affected.

The biz added it “has been named as a defendant in several lawsuits related to this incident.” And it still maintains that, “at this time, we do not believe that the incident will have a material impact on the company.”

By that, it may think it can absorb any financial hit from the cyberattack. Another mortgage lender, Mr Cooper, last month said it expects to spend at least $25 million cleaning up its earlier security breach, which saw almost…

Source…

Has your baby monitor been hacked by cybercrooks?

March 8, 2022/in Computer Security

High-tech baby monitors could be hacked by cybercrooks, whose aim is to use them as entry points to other devices.

One would think the bed of a family’s most vulnerable member — a baby — would be safe from cybercrooks wanting to steal personal data.

Well, that’s not true.

FortiGuard Labs, which operates a cybersecurity data centre in Burnaby, has found at least one baby monitor that has crawled into cribs.

“In September 2021, we noticed attacks attempting to exploit a remote code execution vulnerability in Motorola’s Halo+ Baby Monitor,” the company said in its Global Threat Landscape Report released in February. “The attacks that followed allowed actors into one of the most intimate parts of people’s homes via full access to the baby monitor’s display device, camera, accompanying app, and data shared between the devices.”

Derek Manky, FortiGuard’s chief security strategist and vice-president of global threat intelligence, said the issue resonates on the privacy protection front.

“It’s a baby monitor today; what’s tomorrow?” he asked.

The Motorola model had a remote access flaw, the reported noted.

One might argue it’s just a baby monitor and that the baby has nothing to hide.

But Manky said the monitor could be used as a jumping-off point; crooks use it to gain access to other home devices that are connected across the home computer network. The cyber expert pointed to phones, watches, fridges, toys, medical sensors and doorbells being hacked.

With the surge in home-based work due to the COVID-19 pandemic, the number of home devices has also surged, broadening what is known as the “attack surface” that cybercrooks can target, Manky added.

Manky stressed not using default passwords on such devices. Change them, he said.

And make sure companies providing such devices have software upgrades and patches to fix vulnerabilities fraudsters can use to get into your home systems.

One thing people can do is use the segmented zones on routers. Use a variety of zones to isolate your devices, he explained.

[email protected]

twitter.com/jhainswo

Did this ransomware threat drop away because cybercrooks went on holiday? – ZDNet

January 17, 2017/in Mobile Security

ZDNet

Did this ransomware threat drop away because cybercrooks went on holiday?
ZDNet
Check Point's Global Threat Index also details the most significant malware threats to businesses via mobile devices, with the HummingBad Android malware once again representing the most common cybercriminal threat to smartphones and tablets. Second …

and more »

android ransomware – read more

Hollywood hospital held to ransom by cybercrooks

February 16, 2016/in Internet Security

Crooks are reportedly demanding 9,000 in Bitcoin – about $ 3.4 million – from Hollywood Presbyterian Medical Center.
Naked Security – Sophos

Tag Archive for: Cybercrooks