Verizon’s Data Breach Authority Breached by Cyber Criminal

This week, we cover the breach of Verizon’s data breach authority by a cyber criminal and the Petya ransomware, which uses Dropbox to shut users out of their computers.

Breach

Verizon’s Data Breach Authority Breached by Cyber Criminal

Verizon Enterprise Solutions, which helps Fortune 500 companies respond to data breaches and is known for its Data Breach Investigations Report, has been hit by its own data breach. Cybersecurity expert Brian Krebs was the first to notice a black-market forum selling the contact information for approximately 1.5 million of Verizon Enterprise Solutions’ customers. The criminal responsible was selling the entire package for $100,000 or in batches of 100,000 contacts for $10,000.

Krebs reached out to Verizon, who confirmed the breach and said, “the company recently identified a security flaw in its site that permitted hackers to steal customer contact information, and it is in the process of alerting affected customers.” 

References: Verizon’s Data Breach Fighter Gets Hit With, Well, a Data Breach | Data breach authority Verizon Enterprise breached; 1.5 million customers impacted | Crooks Steal, Sell Verizon Enterprise Customer Data

Mitigation Strategies:

Malware

Petya Ransomware Uses Dropbox to Shut Users Out of Computers

Researchers from Trend Micro discovered a new variant of ransomware, dubbed Petya. It is delivered to victims via an email phishing scam, locks users out of their computers, and demands a ransom of 0.99 Bitcoin (over $400) to decrypt the computer. The victims, mostly Human Resources employees, receive an email from applicants seeking a position at their company. The email contains a hyperlink to a Dropbox storage location that supposedly contains a resume; however, visiting the location loads a Trojan onto the victim’s computer, which in turn downloads the Petya ransomware. Once installed, Petya replaces the Master Boot Record, rendering the OS inoperable, and then encrypts the Master File Table, so the computer no longer knows where files are located, or even whether they exist.

References: Petya ransomware leverages Dropbox and overwrites hard drives | Petya Ransomware Locks Users Out on Boot Up

Mitigation Strategies:

Top 20 IP Addresses


*IP addresses provided by Recorded Future.