Malware campaign is using some old and new methods.
One email claims to be from Maersk shipping line and the attachment (word doc) opens a backdoor connection to two hacker command and control servers
The dropbox domain is also referenced, the links attempt to contact londonpaerl (. )co (. )uk and selombiznet(.)net (I added the parantheses so it is harder to copy and paste these malware sites.
It is always good to keep up on the latest attacks and update anti-malware software.
This information is from a threatpost.com blog post
Information Systems & Supplies(ISS) has a letter to all of its customers
They discovered a breach through their remote access software, where customer data could have been stolen.
this is a travesty – so how do you know if a company you frequent has ISS there may have been a breach Here is a list of potential breaches:
dairy Queen, TacoTime, Laurelwood, Buffalo Wild Wings, Flat Tail Brewing, BarrelRoom, Atrium Lounge, and others….
Ask your restaurant if they use ISS as their software to handle transactions.
Or ask us and we will ask them.
Here is the FuturePOS software that was potentially breached
Duosecurity has bypassed the Two-factor authentication
This is effect makes the 2FA (Two Factor Authentication) useless.
this means that a password still has to be guessed(broken into) by the hackers for the account to be compromised.
Essentially if you set up your PayPal account for “extra” security, unfortunately that did not pan out. 2FA is not what it seems, it is actually not working as advertised.
Our recommendation is to stop using 2FA with PayPal for the time being.
Here is an explanation of 2FA by Google
Vocativ has the story: The hacker group Rex Mundi (or “King of the World”) is blackmailing french and Belgian branches of Dominos
Here are Domino’s tweets recommending customers to change passwords
Dominos is asking its customers to change passwords
“Rex Mundi has previously pulled similar stunts, demanding $20,000 from money lender group AmeriCash in 2012. When AmeriCash refused to hand over the ransom, the hackers released the data of 10,000 loan applicants online.”
Bloomberg has a story of potential hack
Including baby monitors – if you bought a baby monitor from foscam Digital Technologies – you need to update it.
“Some pranksters don’t need a profit motive. In April, an Ohio couple told television station Fox19 that they woke up to a strange man’s voice coming through their 10-month-old daughter’s connected baby monitor. The man was screaming obscenities and trying to awaken the baby, according to the report. “