While new threats may emerge every day, Digital Safe Limited is on a mission to help organizations battle them collectively through threat information sharing. In different streaks, password-protected archives containing corporate data of a storage chip maker were published by a ransomware group. Cybercriminals were once again spotted hijacking workstations through malicious software packages to mine cryptocurrency. Let’s recap through the top cybersecurity headlines from the past 24 hours.
- Ragnar ransomware group published over 700GB of data, including sensitive corporate information, of the Taiwanese memory and storage chip maker ADATA.
- According to the Ohio Department of Medicaid, personal data belonging to Medicaid providers in the state may have been accessed by an unidentified third party via its data manager, Maximus, in a security incident last month.
- The Maryland Department of Labor detected roughly 1.3 million fraudulent unemployment insurance claims since the pandemic and 508,000 requests coming through in the past six weeks.
- Sonatype researchers found multiple malicious packages in the PyPI repository—with about 5000 downloads—that turns developers’ workstations into crypto mining machines.
- A new phishing campaign that counterfeits an Outlook Security update email purportedly from an IT Security department is luring employees to open a New Policy PDF to harvest their Office365 credentials.
- Sophos uncovered an attack campaign that targets users of pirated software for popular online games or productivity tools. The malware in use can block access to websites hosting pirated software.
- Minerva Labs noted that several Sload malware infections, which appear to be originating from Italian endpoints, are targeting European users.
- Password authentication firm Transmit Security raised $543 million in Series A funding led by Insight Partners and General Atlantic, with additional investment from others.
- Managed Detection and Response (MDR) provider firm Pondurance acquired Texas-based advisory and assessment services provider Bearing Cybersecurity.