Multiple Irish Educational Institutions Suffer Ransomware Attacks
Within the past week, both the National College of Ireland and the Technological University of Dublin have fallen victim to ransomware attacks that have caused major disruptions in their normal operations. All IT services for both institutions have been taken offline to reduce the overall impact of the attacks and have begun reaching out to students regarding their classes and assignments. Officials for the universities are still working to identify the origin of the attacks and if any personally identifiable information belonging to staff or students was stolen.
High Volume Office Depot Database Left Unsecured
Late last week, researchers discovered a misconfigured, and unsecured database belonging to Office Depot and containing nearly a million unique records. With unencrypted contact information and a complete purchase history, any cybercriminals that may have accessed the database within the week of it being exposed would have everything they’d need to commit additional fraud. Fortunately, officials for Office Depot were quick to correct the issue after it was brought to their attention.
Android Worm ‘FlixOnline’ Spreading Through WhatsApp
A new malicious Android app has been identified in the Google Play store, that poses as a legitimate Netflix app offering free subscriptions, but instead hijacks any WhatsApp sessions and begins spreading malicious content using autoreplies. In addition to the app requesting permissions to ignore battery optimization settings for shutting down heavy-draining apps, ‘FlixOnline’ will also disable notifications from WhatsApp, to hide the malicious responses being distributed. While Google is quick to remove harmful apps from the Play Store, over 500 individuals were still able to download ‘FlixOnline’ before it was taken down.
Broward County Public Schools Faces $40 Million Ransom
Officials for a Florida school district are working to restore operations after a ransomware attack encrypted some of their systems and demanded $40 million in cryptocurrency. After weeks of negotiations, the criminals refused a final offer of $500,000 and ceased communications. In a lucky turn, officials also believe that no information was stolen during the attacks and are confident that they will be able to restore everything to normal operations without paying any ransom.
Unpatched Fortinet VPNs Targeted by Cring Ransomware
Operators of the Cring Ransomware have found a vulnerability within Fortinet VPNs that allows them to gain access to domain level credentials and begin distributing the encryption payload and accompanying ransom note. Cring is a relatively new ransomware variant, having only really been active since December of 2020, and focus mainly on exploiting unpatched systems for previously known vulnerabilities.