Hackers are threatening to dump a bunch of confidential documents relating to the 9/11 terror attacks if the companies involved do not pay out a hefty sum. The group, who go by the ominous sounding name of The Dark Overlord, has been blackmailing individuals and organizations including Hiscox Syndicates Ltd and Lloyds of London, and claim to have hijacked 18,000 secret documents, Motherboard reports. The hackers are threatening to release the documents in stages until a ransom is received in Bitcoin.

Read more: Hackers Say They Will Release Confidential 9/11 Documents If Blackmail Demands Are Not Met

The FTC Orders Advanced Tech Support to Pay $10M in Refunds
Advanced Tech Support, previously known as Inbound Call Experts, is a company that used online ads, search results and even partnered with software companies to scam users. The ads/alerts were claiming the device was in need of technical support and the user was urged to call Advanced Tech Support to remediate the issue. However, there was never an issue with the device.

The FTC recently won a case against Advanced Tech Support. The company was ordered to pay $10 million in restitution for the victims of their scams. Soon, the FTC will be sending out emails to those who are entitled to a partial refund. The FTC stated,

Read more: $10M Available in Refunds for Tech Support Victims

Scammers Portray Charitable Giving for Hurricane Harvey Victims

It’s unfortunate this article even has to be written. But it does. Hurricane Harvey has wreaked havoc throughout Texas, and it is clear the storm has not yet passed. It is now, when our country works together to bring some kind of peace to those victims. Often times, that peace comes through charitable donations. Scammers know this. If you choose to donate to the victims of hurricane Harvey, it is important you do so through legitimate avenues. There have already been numerous GoFundMe accounts established to help the victims. However, it is incredibly easy to set up another one that anyone can be behind. There have also been sponsored ads on social media platforms with donation links.

Read more: Scammers Prey on Goodwill of Others During Hurricane Harvey

August 17, 2017 Kayla Thrailkill

Locky Ransomware is Back

Locky, a ransomware variant that was once upon a time one of the most popular types of ransomware, is back. This return is not surprising. Cyber criminals would rather make slight alterations to existing malware and reuse it, then have to create it from scratch. By making even the simplest changes, a known threat can become an unknown file. This is exactly what the hackers want, and here’s why.

Most security programs utilize a blacklist as their primary method of malware detection. A blacklist is a list of all known threats. If an unknown file tries to execute on a computer with a security program that uses a blacklist — it will run. Why? Because it is not a known threat. See the issue?

Read more: Locky Makes Yet Another Return

Hackers Target Websites with Fresh WordPress Installs.

 Within recent months SonicWall Threat Research Labs recently received reports of attackers targeting newly installed WordPress sites. Attackers search for the following phrases:

• WordPress
• Setup Configuration File

If both phrases exist, then it is possible that the site has WordPress installed but has not been configured properly. In fact, doing a Google search for the above, results in many vulnerable sites.

Once the attacker has control over the WordPress website running in the target server, the attacker can do any of the following:

1. Use the WordPress website for hosting malware, exploit kits, etc.
2. Use the WordPress website as a launching pad to attempt control of the server. This can be done by executing specially crafted PHP scripts.

If an attacker finds your fresh install, they can easily click through the first two steps and then enter their own database server information in this final step. Their database can be on their own server, and it doesn’t have to contain any data – it can simply be an empty database. They just need to get a working WordPress installation running on your site that they have admin access to.

Once this step is complete, WordPress confirms that it can communicate with the database – in this case, the attacker’s database:

Read more: Hackers Target Websites with Fresh WordPress Installs