Internal Threats












        Dentist offices across the US hit with ransomware. Hundreds of dentist offices around the United States were
        hit with ransomware this week according to multiple reports from ZDNet, CNN and security researcher Brian
        Krebs. The incidents are the result of an apparent vulnerability in software provided by The Digital Dental
        Record and PerCSoft, two Wisconsin-based companies that offer medical record retention and backup services
        to dental practices. The issue stems from a breach that occurred over the weekend in which hackers were able
        to deploy REvil ransomware on computers running software from the aforementioned companies. Dental
        offices discovered the issue on Monday when they attempted to access patient information but were locked
        out and presented with a ransom demand. The Digital Dental Record and PerCSoft have reportedly shared a
        decrypter with affected practices after agreeing to pay the attackers according to ZDNet.
                Source:  https://www.engadget.com/2019/08/29/dentist-office-ransomware-digital-dental-record-
                percsoft/



        New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations - McAfee Labs saw
        an average of 504 new threats per minute in Q1 2019, and a resurgence of ransomware along with changes in
        campaign execution and code. More than 2.2 billion stolen account credentials were made available on the
        cybercriminal underground over the course of the quarter. Sixty-eight percent of targeted attacks utilized
        spear-phishing for initial access, 77% relied upon user actions for campaign execution. “The impact of these
        threats is very real,” said Raj Samani, McAfee fellow and chief scientist. “It’s important to recognize that the
        numbers, highlighting increases or decreases of certain types of attacks, only tell a fraction of the story. Every
        infection is another business dealing with outages, or a consumer facing major fraud. We must not forget for
        every cyberattack, there is a human cost.”

                Source: https://www.helpnetsecurity.com/2019/08/29/new-ransomware/



        1 in 4 employees would steal company information to secure their next job - According to a survey of 476 IT
        security professionals at Black Hat USA 2019, nearly one in four (24%) said they would take company
        information to help apply for a position at a competitor. The Gurucul study also found that managed service
        providers or MSPs (34%) and developers (30%) pose the leading sources of third-party risk, and that if
        someone was to commit fraud it would most likely occur in the finance department (32%).

                Source: https://www.helpnetsecurity.com/2019/08/28/insider-data-theft/



        Fileless attacks designed to disguise malicious activity up 265% - Trend Micro published its roundup report
        for the first half of 2019, revealing a surge in fileless attacks designed to disguise malicious activity. Detections
        of this threat alone were up 265% compared to the first half of 2018. Along with the growth in fileless threats
        in the first half of the year, attackers are increasingly deploying threats that aren’t visible to traditional security
        filters, as they can be executed in a system’s memory, reside in the registry, or abuse legitimate tools. Exploit
        kits have also made a comeback, with a 136% increase compared to the same time in 2018.

                Source: https://www.helpnetsecurity.com/2019/08/30/fileless-attacks-surge/


                                                    www.accumepartners.com
                                                                                                                    11