Ukraine’s central bank flagged the risk of SWIFT-based funds-transfer fraud in April, Reuters reports. Confidential communication warned lenders to be on their guard and upgrade security.
Palo Alto Networks has taken down the infrastructure used by an Iranian group to spread Infy cyber-espionage tools, a welcome but probably temporary respite for those targeted.
The quality and provenance of the health insurance data DarkOverlord is selling in the RealDeal dark web souk remain controversial. InfoRiskToday reports another possible insurance breach, this one involving India’s Shriram Life Insurance. Third parties claim they’ve confirmed the incident; Uttar Pradesh police await the firm’s disclosure before they begin their own investigation.
Massachusetts General Hospital discloses a breach affecting 4300 patients. A third-party (a dental patient scheduling software vendor) is thought to be the origin of the breach, which affects records, not devices.
But medical devices are also under attack, in large part because of their potential to compromise sensitive patient information. TrapX Labs reports seeing a wave of IoT device hacks using the venerable Conficker worm.
Popular Russian social networking site Sprashivai (Infosecurity Magazine compares it to Yahoo! Answers) has been compromised. It’s using an injected iFrame to redirect users to the RIG exploit kit, which installs the SmokeLoader Trojan (typically associated with credential theft and click fraud).
Observers still believe Guccifer 2.0 (despite denials) is a denial-and-deception operation, but they also wonder why the Russians would bother.
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) V5 standards go into effect today.
And a note to our readers: the CyberWire will not publish Monday, as we celebrate Independence Day. We'll be back as usual on Tuesday, July 5.