Security Alerts & News
by Tymoteusz A. Góral

#1020 Piracy phishing scam targets US ISPs and subscribers
An elaborate "piracy" phishing operation is targeting U.S. Internet providers and subscribers. Scammers are using the name of anti-piracy tracking company IP-Echelon and rightsholders such as Lionsgate, to send fake DMCA notices and settlement demands to ISPs. U.S. law enforcement has been notified and is currently investigating the matter.

For more than a decade copyright holders have been monitoring unauthorized downloads. Traditionally this resulted in harmless takedown notices, but increasingly, these warnings are bundled with automated “fines.”

Rightscorp and CEG TEK are the best known anti-piracy outfits employing this tactic, and this week another party appeared to have joined.
#1019 NASCAR team pays ransomware fee to recover files worth $2 million
NASCAR team Circle Sport-Leavine Family Racing (CSLFR) revealed today it faced a ransomware infection this past April when it almost lost access to crucial files worth nearly $2 million, containing car parts lists and custom high-profile simulations that would have taken 1,500 man-hours to replicate.

The infection took place on the computer belonging to Dave Winston, CSLFR's crew chief. Winston's staff detected the infection when encrypted files from Winston's computer began syncing to their joint Dropbox account.

The crew notified Winston, who isolated his computer from the rest of the network, but by that time, the ransomware's encryption process had already all the data it needed to lock the rest of the files.

Googling for details on their ransomware infection, the team discovered they were infected with the TeslaCrypt ransomware. The crooks behind the TeslaCrypt ransomware decided to abandon their criminal operations and release a free decryption key later in mid-May, about a month after CSLFR's infection.
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12