253 Madison Avenue, Wyckoff, NJ
(201) 891-8686
Visit us on social networks
 
(201) 891-8686
Uncategorized

Cyber Threat Update

July 29, 2022by Christine Becker

Unfortunately, cybercriminals aren’t taking any time off this summer. Here’s a round up of a few recent attacks to keep in mind:

Cryptocurrency Scams

The New Jersey Cybersecurity & Communications Integration cell has received reports of stolen cryptocurrency. The FBI also issued a notification alerting financial institutions and investors that cybercriminals are creating fraudulent cryptocurrency investment apps. 

The cybercriminals were using tactics such as social engineering to contact investors and convince them to download the apps and visit associated fake websites which seemingly had legitimate business names, logos, and other information. 

At least 244 victims were identified, resulting in $42.7 million in losses. 

H0lyGh0st Ransomware

Microsoft Threat Intelligence Center (MSTIC) researchers identified that a North Korea-based hacker group called DEV-0530 has been using something called H0lyGh0st ransomware to target small and medium-sized businesses since June 2021. 

So far, victims have included banks, schools, manufacturers, and event/meeting planning companies. Notably, MSTIC found that some of the infrastructure overlaps with PLUTONIUM, another North Korean threat actor group. 

Skimming Attacks

NJCCIC also reported that two active Magecart campaigns are targeting restaurants using MenuDrive, Habortouch, and InTouchPOS online ordering systems. At least 50,000 credit cards have been compromised. These cards were listed for sale on the dark web – impacting over 300 small businesses. 

Magecart attacks are web-based credit card skimming operations in which malicious JavaScript code is sent into payment portals to steal card data as customers check out. 

Cybersecurity Giant Targeted

Cybersecurity giant Entrust confirmed it was hit by a cyberattack last month. The Minneapolis-based firm, which describes itself as a global leader in identities, payments, and data protection, told TechCrunch that an “unauthorized party” accessed parts of its system used for internal operations. 

A cybersecurity researcher named Dominic Alvieri obtained and released a July 6 notice sent to Entrust customers which cited the company CEO saying that “some files were taken from our internal systems. 

previous
TNTMAX Welcomes Eric Valdes as Chief Operating Officer
next
How to Disappear Online
https://tntmax.com/wp-content/uploads/2022/10/tntnmax-logo-boxed-bright-Space.png

YOU WANT TO COMPETE IN A TECHNOLOGY DRIVEN WORLD.

TOGETHER WE CAN GET YOU THERE.

TOGETHER WE CAN GET YOU THERE.

LET'S GET TOGETHER
https://tntmax.com/wp-content/uploads/2022/10/tntnmax-logo-boxed-bright-Space.png

TNTMAX is a northern New Jersey-based managed technology service and cyber security consulting company. We have clients around the world but most are located throughout Bergen and Passaic Counties in NJ, Rockland and Westchester Counties in New York, New York City, Connecticut and Pennsylvania.

CONTACT US
Our Services
Find Out More
Let’s Get In Touch
(201) 891-8686
253 Madison Ave, Wyckoff, NJ
[email protected]

©2023 TNTMAX. All rights reserved. Read our Privacy Policy & Terms & Conditions for more.