Attacks/Breaches

8/9/2018
01:20 PM
50%
50%

PGA of America Struck By Ransomware

Hackers provided a Bitcoin wallet number, though no specific ransom amount was demanded, for the return of files.

While golfing fans have been all about this week's PGA Championship, extortion-minded hackers were more focused on the PGA of America's computer servers.

On Tuesday, employees at the sporting organization found themselves locked out of files relating to marketing materials for this week's event, in Missouri, and next month's Ryder Cup in France.

According to Golfweek, "Staff realized Tuesday morning that their systems had been compromised when attempts to work on the files generated an ominous message: 'Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].'"

They were also warned not to try to break the encryption or else they might not be able to get back certain files.

The PGA said it won't respond to exortion demands; the hackers had included a Bitcoin wallet number, though no specific ransom amount was demanded. The situation remains unresolved as of yesterday.

Read more details here

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
8/13/2018 | 3:43:49 PM
Oh - eh - did they have a BACKUP?
Sounds like another case where an effective and tested backup and restoration plan WOULD be helpful.  I have been writing this for years and years.   Today I still have several 3.5" floppies (remember) from some of my earliest computers containing data.  Hey, you never know?
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.