Feds Warn of Potential Ransomware Attacks Over Labor Day Weekend

Malicious actors can disarm Fortress home security system, New details emerge on ProxyToken, Scammers exploit driver's license grace periods, Ethical hacker could have mounted Banksy art scam, more

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning of potential ransomware attacks targeted at U.S. organizations ahead of Labor Day weekend.

The government organizations say they have no specific intelligence to back up this warning, but they are issuing it because “Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months.” (Maggie Miller / The Hill)

Related: Industrial Cybersecurity PulseBleeping ComputerThe Record, MeritalkZDNet SecurityCISA

Researchers at Rapid7 say they found a couple of vulnerabilities in the Fortress S03 Wi-Fi Home Security System they claim can be exploited by malicious hackers to disarm the system remotely.

This attack does not require any prior knowledge of the targeted system, but an attacker can only launch it in the target's radio range. Rapid7 reported the flaws to Fortress in May and August, but the company has yet to issue a patch. (Eduard Kovacs / Security Week)

Related: Rapid7SecurityWeekThe Hacker News, ThreatpostSecurity WeekTechCrunchSecurity Affairs

A flaw in the Go Ethereum, or Geth, software that affected users who hadn’t implemented an update meant to fix the mistake split half of the Ethereum blockchain in half until most traders using Geth swiftly upgraded their systems, thereby averting a disaster.

The parallel network will eventually disappear as more users of Geth upgrade their systems. (Kartikay Mehrotra / Bloomberg)

Related: Tom’s Hardware, The Block

Follow Us on LinkedIn

The Zero Day Initiative offered new details on the now-patched security vulnerability impacting Microsoft Exchange Servers called ProxyToken that an unauthenticated attacker could use to modify server configurations, thus disclosing Personally Identifiable Information (PII).

"With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to arbitrary users," ZDI said. "As an illustration of the impact, this can be used to copy all emails addressed to a target and account and forward them to an account controlled by the attacker." (Ravie Lakshmanan / The Hacker News)

Related: iTnews - SecurityIT ProSecurityWeek, Heimdal Security Blog, The Daily SwigeSecurity PlanetSecurity AffairsZDI

Scammers are exploiting state-level emergency declarations that allowed driver’s licenses to remain valid past their expiration dates due to logjams created by the COVID-19 crisis by sending phishing scams designed to steal people’s identities.

The fraudsters are sending texts or emails falsely warning that the target’s license needs to be updated, is missing information, or is expiring to trick the recipients into providing personal information on Google sheets. Iowa, Minnesota, Ohio, Vermont, and Wyoming are among the states that have warned residents about the scams over the past two months. (Jenni Bergal / Pew Stateline)

Related: The Crime Report,  NextGov

The Department of Justice announced that Brooklyn woman Juliana Barile pleaded guilty to deleting 20 gigabytes of data from the credit union she worked for after being fired.

After being fired on May 19 from the credit union she worked for, Barile accessed the union's network file server two days later and deleted 21.3 gigabytes of data. The data included over 20,000 files and 3,500 directories. She also deleted files related to mortgage loan applications and anti-ransomware protection software. (Daniel Villarreal / Newsweek)

Related: US DOJ News Today, Brooklyn Eagle

A UK-based art collector who uses the handle Pranksy paid almost a quarter of a million pounds (around $344,000) on a fake digital Banksy artwork says they think they were the victim of an “ethical hacker.” The collector got their money back.

The collector thought they were purchasing a work entitled Great Redistribution of the Climate Change Disaster, a digital image showing a man smoking a cigarette in front of smoking chimneys, after a link to an online auction was posted on a now-deleted page of the artist’s website. A spokesperson for Banksy says the artist was not involved in the transaction. (Robert Dex / Evening Standard)

Related: MotherboardDaily MailThe VergeBBC News - Home, Slashdot

Cloud data protection platform OwnBackup announced the acquisition of RevCult, a California-based software company that provides Salesforce security and governance solutions, often known as SaaS Security Posture Management (SSPM).

OwnBackup says that the addition of RevCult will allow us to innovate faster in the cloud and protect customers against the primary security issues that lead to data loss and corruption. (Paul Sawers / Venture Beat)

Related: Business Wire

Photo by Michael Kilcoyne on Unsplash