#Ransomware
New post from #Alphv : Deutsche Energie-Agentur
More at : https://www.ransomlook.io/group/Alphv #Ransomware
New #ransomware post!
Title: Campbell County Schools
Group: medusa
Discovered: 2023-12-06 14:37:33.945584
New #ransomware post!
Title: Deutsche Energie-Agentur
Group: alphv
Discovered: 2023-12-06 14:37:22.108840
🚨New ransom group blog posts!🚨
Group name: alphv
Post title: Deutsche Energie-Agentur
Info: https://cti.fyi/groups/alphv.html
Group name: medusa
Post title: Campbell County Schools
Info: https://cti.fyi/groups/medusa.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware
New post from #Medusa : Campbell County Schools
More at : https://www.ransomlook.io/group/Medusa #Ransomware
New post from #Akira : Compass Group Italia
More at : https://www.ransomlook.io/group/Akira #Ransomware
Akira Ransomware Victim: Aqualectra Holdings - https://www.redpacketsecurity.com/akira-ransomware-victim-aqualectra-holdings/
#Akira, #darkweb, #databreach, #ransomware, #threatintel, #tor
Akira Ransomware Victim: Compass Group Italia - https://www.redpacketsecurity.com/akira-ransomware-victim-compass-group-italia/
#Akira, #darkweb, #databreach, #ransomware, #threatintel, #tor
New #ransomware post!
Title: Aqualectra Holdings
Group: akira
Discovered: 2023-12-06 12:39:00.766883
New #ransomware post!
Title: Compass Group Italia
Group: akira
Discovered: 2023-12-06 12:39:00.037807
🚨New ransom group blog posts!🚨
Group name: akira
Post title: Compass Group Italia
Info: https://cti.fyi/groups/akira.html
Group name: akira
Post title: Aqualectra Holdings
Info: https://cti.fyi/groups/akira.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New post from #Akira : Aqualectra Holdings
More at : https://www.ransomlook.io/group/Akira #Ransomware
🏴☠️💰 November was another busy month for #Ransomware groups
📈 https://Ransomware.live has tracked 483 victims in November 2023
🔗 More statistics available at https://www.ransomware.live/#/stats2023?id=november

New #ransomware post!
Title: Acero Engineering
Group: bianlian
Discovered: 2023-12-06 11:37:49.805377
🚨New ransom group blog post!🚨
Group name: bianlian
Post title: Acero Engineering
Info: https://cti.fyi/groups/bianlian.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New post from #Bianlian : Acero Engineering
More at : https://www.ransomlook.io/group/Bianlian #Ransomware
HTC Global Services reports cyberattack, data leaked online
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/htc-global-services-reports-cyberattack-data-leaked-online-u-h-y-r-q/gD2P6Ple2L
LockBit has added ALDO Shoes, a Canadian multinational corporation retailer that owns and operates a worldwide chain of shoe and accessories stores, to its victim list.
#LockBit #ALDO #ransomware #datasecurity #cybersecurity #infosec

What is most important in a company's cybersecurity?
Let's imagine that we ask a group of entrepreneurs or managers one question: "what is most important in a company's cybersecurity"? We will get very different answers. Some will say quite frankly that they simply haven't thought about it. There will also be those who, influenced by reports or articles they have read, point to a few problems that happen to be fashionable.
The most interesting answers will come from those company representatives who have already experienced certain problems and found out for themselves what it means to "have a cyber incident". Among them will be people who had a ransomware infection in their company and know how costly recovering data from backups can be (provided one has them). There will also be those who suffered from social engineering, losing either money or very valuable information (some of them still do not know what the cybercriminals actually obtained from their organization and have certain concerns).
Topics such as "full disk encryption" or "zero day" usually don't stir up much emotion, but some organizations in Poland already know what it means to lose a laptop that was not encrypted (and not only was it not encrypted, it also held data that should never have been saved on its disk at all). As for "vulnerability management", it doesn't stir up much emotion either, but this is to some extent a cognitive bias. In some companies hit by a malware attack, people remember the name of the attacked employee (who, for example, opened a malicious attachment) better than whether that employee's computer was really secured as well as it could be at that moment.
A piecemeal look at security seems to make sense from a manager's point of view. Anyone who manages an organization knows, [...]
#ARTYKUŁSPONSOROWANY #EDR #ESET #Ransomware #Raporty #Socjotechnika
https://niebezpiecznik.pl/post/co-jest-najwazniejsze-w-cyberbezpieczenstwie-firmy/
New #ransomware post!
Title: syrtech.com
Group: threeam
Discovered: 2023-12-06 08:37:25.345310
🚨New ransom group blog post!🚨
Group name: threeam
Post title: syrtech.com
Info: https://cti.fyi/groups/threeam.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New post from #Lockbit3 : Fpz.Com
More at : https://www.ransomlook.io/group/Lockbit3 #Ransomware
New post from #Lockbit3 : Labelians.Fr
More at : https://www.ransomlook.io/group/Lockbit3 #Ransomware
New post from #Lockbit3 : Polyclinique-Cotentin.Com
More at : https://www.ransomlook.io/group/Lockbit3 #Ransomware
New post from #3Am : Syrtech.Com
More at : https://www.ransomlook.io/group/3Am #Ransomware
New #ransomware post!
Title: Sagent
Group: medusa
Discovered: 2023-12-06 07:35:37.379506
New #ransomware post!
Title: ACCU Reference Medical Lab
Group: medusa
Discovered: 2023-12-06 07:35:37.936754
New #ransomware post!
Title: polyclinique-cotentin.com
Group: lockbit3
Discovered: 2023-12-06 07:35:32.567619
New #ransomware post!
Title: labelians.fr
Group: lockbit3
Discovered: 2023-12-06 07:35:30.523668
New #ransomware post!
Title: fpz.com
Group: lockbit3
Discovered: 2023-12-06 07:35:28.837959
🚨New ransom group blog posts!🚨
Group name: lockbit3
Post title: fpz.com
Info: https://cti.fyi/groups/lockbit3.html
Group name: lockbit3
Post title: labelians.fr
Info: https://cti.fyi/groups/lockbit3.html
Group name: lockbit3
Post title: polyclinique-cotentin.com
Info: https://cti.fyi/groups/lockbit3.html
Group name: medusa
Post title: Sagent
Info: https://cti.fyi/groups/medusa.html
Group name: medusa
Post title: ACCU Reference Medical Lab
Info: https://cti.fyi/groups/medusa.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New post from #Medusa : Accu Reference Medical Lab
More at : https://www.ransomlook.io/group/Medusa #Ransomware
New post from #Medusa : Sagent
More at : https://www.ransomlook.io/group/Medusa #Ransomware
New post from #8Base : Lischkoff And Pitts, P.C.
More at : https://www.ransomlook.io/group/8Base #Ransomware
New post from #8Base : Smg Confrere
More at : https://www.ransomlook.io/group/8Base #Ransomware
New post from #8Base : Calgary Telus Convention Centre
More at : https://www.ransomlook.io/group/8Base #Ransomware
New post from #8Base : Astley.
More at : https://www.ransomlook.io/group/8Base #Ransomware
New #ransomware post!
Title: astley.
Group: 8base
Discovered: 2023-12-06 06:37:08.563849
New #ransomware post!
Title: SMG Confrere
Group: 8base
Discovered: 2023-12-06 06:37:07.439178
New #ransomware post!
Title: Lischkoff and Pitts, P.C.
Group: 8base
Discovered: 2023-12-06 06:37:06.425858
New #ransomware post!
Title: Calgary TELUS Convention Centre
Group: 8base
Discovered: 2023-12-06 06:37:05.070525
🚨New ransom group blog posts!🚨
Group name: 8base
Post title: Calgary TELUS Convention Centre
Info: https://cti.fyi/groups/8base.html
Group name: 8base
Post title: Lischkoff and Pitts, P.C.
Info: https://cti.fyi/groups/8base.html
Group name: 8base
Post title: SMG Confrere
Info: https://cti.fyi/groups/8base.html
Group name: 8base
Post title: astley.
Info: https://cti.fyi/groups/8base.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
BlackCat ransomware crims threaten to directly extort victim’s customers – Source: go.theregister.com https://ciso2ciso.com/blackcat-ransomware-crims-threaten-to-directly-extort-victims-customers-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #TheRegister #ransomware #BlackCat
State, northwest Indiana medical company settle lawsuit over exposure of 45K Hoosiers’ data. #ransomware
Tipalti investigates claims of data stolen in #ransomware attack
New post from #Alphv : Tracs Florida Fsu
More at : https://www.ransomlook.io/group/Alphv #Ransomware
New #ransomware post!
Title: Henry Schein Inc - Henry's " LOST SHINE "
Group: alphv
Discovered: 2023-12-05 20:36:27.280236
New #ransomware post!
Title: TraCS Florida FSU
Group: alphv
Discovered: 2023-12-05 20:36:26.687400
🚨New ransom group blog posts!🚨
Group name: alphv
Post title: TraCS Florida FSU
Info: https://cti.fyi/groups/alphv.html
Group name: alphv
Post title: Henry Schein Inc - Henry's " LOST SHINE "
Info: https://cti.fyi/groups/alphv.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New #ransomware post!
Title: laprensani.com
Group: lockbit3
Discovered: 2023-12-05 19:34:54.415895
🚨New ransom group blog post!🚨
Group name: lockbit3
Post title: laprensani.com
Info: https://cti.fyi/groups/lockbit3.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
New #ransomware post!
Title: aldoshoes.com
Group: lockbit3
Discovered: 2023-12-05 18:36:29.645046
🚨New ransom group blog post!🚨
Group name: lockbit3
Post title: aldoshoes.com
Info: https://cti.fyi/groups/lockbit3.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
Supply-chain ransomware attack causes outages at over 60 credit unions – Source: www.tripwire.com https://ciso2ciso.com/supply-chain-ransomware-attack-causes-outages-at-over-60-credit-unions-source-www-tripwire-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #grahamcluleycom #Vulnerability #CitrixBleed' #Grahamcluley #DataBreach #ransomware #Guestblog #Dataloss #Malware
Multistate Coalition of State Attorneys General Secures $49.5 Million from Cloud Company #Blackbaud for 2020 Data Breach #ransomware
https://www.lexology.com/library/detail.aspx?g=c4422b96-c5ab-4f30-ad9d-e1b0f535ef4c
New #ransomware post!
Title: mapc.org
Group: lockbit3
Discovered: 2023-12-05 16:34:38.672281
🚨New ransom group blog post!🚨
Group name: lockbit3
Post title: mapc.org
Info: https://cti.fyi/groups/lockbit3.html
#ransomware #cti #threatintelligence #cybersecurity #infosec
Hermon School Department report ransomware attack
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/hermon-school-department-report-ransomware-attack-b-b-p-d-n/gD2P6Ple2L
New #ransomware post!
Title: ussignandmill.com
Group: threeam
Discovered: 2023-12-05 15:36:41.389214
New #ransomware post!
Title: skalar.com
Group: ransomblog_noname
Discovered: 2023-12-05 15:36:35.722089
Hospital #ransomware have a huge impact on patients' health outcomes, it turns out. WHO KNEW??
And keep in mind, 42 - 67 deaths was just patients covered by Medicare in the US, not those covered by other types of insurance or those in other parts of the world.
Cybersecurity is healthcare.
https://www.statnews.com/2023/11/17/hospital-ransomware-attack-patient-deaths-study/

@yacc143 @q3k @BNetzA @EU_Commission
Not only that, but it's trivial to not only jam GPS [would be interesting if said trains cease to drive without signal!] and it's likely even possible that a malicious #firmware update could basically "geofence" the entire world, bricking the train in the process...
And that's just the things I could come up with at a moment's notice.
Imagine what state-sponsored attackers could do:
How about #Ransomware'ing an entire train + passengers???
Hermon School Department (ME) hit with ransomware attack https://www.bangordailynews.com/2023/12/04/news/bangor/hermon-school-department-ransomware-attack/ #edtech #edusec #ransomware @funnymonkey @PogoWasRight @brett
Supply-chain ransomware attack causes outages at over 60 credit unions.
Read more in my article on the Tripwire blog: https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions
#cybersecurity #databreach #ransomware #vulnerability #citrixbleed

The FortiGuard Labs team recently analyzed the new #ransomware group, #Rhysida, and found that it attacks Windows machines through VPN devices and RDP, and is targeting industries such as education and manufacturing. 📚 🦾
🔎 Learn more: https://cybersecuritynews.com/rhysida-ransomware-attacking-windows/ via Cyber Security News

@IST_org was on @CBSEveningNews! In a story on health care #cyberattacks, @NicoleSganga cited @silascutler’s research on global ransomware incidents, which found at least 299 #ransomware attacks against hospitals this year.
https://www.cbsnews.com/video/latest-hospital-cyberattack-shows-health-care-systems-vulnerability/
https://securityandtechnology.org/blog/2022-global-ransomware-incident-map/
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #48/2023 is out! It includes the following and much more:
➝ 🔓 🇯🇵 Japanese Space Agency #JAXA hacked in summer #cyberattack
➝ 🔓 🇮🇳 Hacker claims theft of #Shadowfax users’ information
➝ 🔓 🗣️ #Okta Discloses Broader Impact Linked to October 2023 Support System #Breach
➝ 🇨🇳 🇳🇱 Hackers spent 2+ years looting secrets of chipmaker #NXP before being detected
➝ 🔓 🇮🇳 #LockBit claims cyberattack on India’s national #aerospace lab
➝ 🔓 🇺🇸 General Electric investigates claims of cyber attack, data theft
➝ 🇪🇺 #Europol arrest hackers allegedly behind string of #ransomware attacks
➝ 🇺🇦 🇷🇺 #Ukraine claims cyber operation against Russian aviation agency
➝ 🇺🇸 🇰🇵 U.S. Treasury Sanctions #Sinbad #Cryptocurrency Mixer Used by North Korean Hackers
➝ 🇺🇸 🪖 #Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons
➝ 🇺🇸 🇬🇧 U.S., U.K., and Global Partners Release Secure AI System Development Guidelines
➝ 🇮🇷 🇺🇸 Hackers Hijack Industrial Control System at US Water Utility
➝ 🦠 🇨🇳 🇰🇷 🇺🇿 Chinese Hackers Using #SugarGh0st RAT to Target South #Korea and #Uzbekistan
➝ 🦠 💸 CACTUS #Ransomware Exploits #Qlik Sense Vulnerabilities in Targeted Attacks
➝ 🦠 🇮🇷 Hundreds of Malicious #Android Apps Target Iranian Mobile Banking Users
➝ 🩹 🍏 #Apple Patches #WebKit Flaws Exploited on Older iPhones
➝ 🔐 💬 #WhatsApp’s new ‘secret codes’ add an extra layer of privacy for your locked chats
➝ 🔐 🇪🇺 #NetHSM 1.0 is Available! The First Open Source Hardware Security Module
➝ 🐛 New #BLUFFS attack lets attackers hijack #Bluetooth connections
➝ 🐛 🗄️ #Zyxel warns of multiple critical #vulnerabilities in NAS devices
➝ 🐛 🗓️ Zero-Day Alert: Google #Chrome Under Active Attack, Exploiting New Vulnerability
➝ 🐛 🤖 Severe Vulnerabilities reported in Ray #OpenSource Framework for #AI/#ML
➝ 🐛 ☁️ #ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation
📚 This week's recommended reading is: "Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem" by Chris Hughes and Nikki Robinson, DSc, PhD, foreword by @RonGula -- PRE-ORDER NOW!
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-482023
"Payments to ransomware and extortion groups need to be outlawed. I know, I know, it will be hard and there’s a million reasons to argue against it and lots of vested interests who don’t want this. ... I mean it — ransomware payments to these groups need to be outlawed, internationally." - Kevin Beaumont (aka @GossiTheDog )
Support expired: more than 20,000 #Exchange servers potentially vulnerable
https://www.heise.de/news/Support-ausgelaufen-Mehr-als-20-000-Exchange-Server-potenziell-angreifbar-9546919.html
A bountiful harvest season for #Ransomware! 😈
But I'm sure there are very good reasons to rely on the expensive #Microsoft ecosystem and apparently accept all these #Security risks instead of investing locally in in-house IT staff.
Hopefully there won't be a cent of taxpayer money for the affected companies. That would be bitter, of course.
Cactus #ransomware exploiting Qlik Sense flaws to breach networks
60 credit unions facing outages due to #ransomware attack on popular tech provider.
Is this one on your Bleed list, @GossiTheDog?
https://therecord.media/credit-unions-facing-outages-due-to-ransomware
Henry County School System Confirms Cyber Attack Was From Outside the US (and that it was #ransomware
Black Basta ransomware brings extortionists more than 100 million dollars in revenue
Predominantly US companies have brought the Russian extortionists nine-figure revenues since early 2022. Black Basta had more than 300 victims.
"Please support us with the right answers" <- Due diligence, #ransomware negotiator-style. #Monti

Black Basta #ransomware made over $100 million from extortion
"The #ransomware gang removed the #FNF listing from its leak site on the same day that FNF published its filing saying it had contained the incident."
#LockBit claims #cyberattack on India’s national aerospace lab
https://techcrunch.com/2023/11/28/lockbit-india-national-aerospace-laboratories-ransomware-attack/
Today, it’s pretty much inconceivable for a Network Architect to design a system that isn’t
1) centralized,
2) cloud-based, and
3) connected to the Internet.
Shimano, a global manufacturer of bikes and fishing equipment, was breached. For them, the problem wasn’t data encryption, but data exposure. A massive trove of data was exfiltrated, and at least some of it has been published online.
The link to the article:
https://www.bicycling.com/news/a45974423/shimano-ransomware-attack-hackers-published-data/
The “normal” system architecture is predisposed to these types of problems. The instant you connect your data to the Internet, you create a global attack surface.
This is why centralizing your data is a very bad idea.
This is also why making 100% of your data available via the Internet is a very bad idea.
This is also why saving money on Internet connectivity instead of paying for private data circuits is a very bad idea.
You can save money, or you can be secure.
Wait - come to think of it, being secure may actually save money, too.

Qilin #ransomware claims attack on automotive giant Yanfeng
Magic circle firm Allen & Overy has refused to comment on whether it paid a ransom to cyber-criminals to have it removed from a hackers’ site. #ransomware
#LockBit has listed #TCW: an asset management firm which works with "many of the world’s largest corporate and public pension plans, financial institutions, endowments and foundations, as well as financial advisors and high net worth individuals." #ransomware

Police dismantle #ransomware group behind attacks in 71 countries
Newfound Memorial Middle School (NH) closed Wednesday due to malfunctioning boilers (and a ransomware attack) https://www.wmur.com/article/newfound-middle-school-nh-closed-wednesday/45979768 #edtech #edusec #ransomware @PogoWasRight @brett @funnymonkey
A K-12 cyberattack hit thousands of people in Louisiana. They're still in the dark months later. https://www.nola.com/news/cyberattack-data-breach-hits-st-landry-parish-school/article_9a464bf8-6a7c-5d1b-a35c-f7d5c4066de5.html #edtech #edusec #NOLA #ransomware @PogoWasRight @brett @funnymonkey via @mkeierleber and colleagues
Ukraine: Five arrests in raid against ransomware gang
Together with international investigators, the Ukrainian cyber police searched more than 30 apartments and cars. The suspected gang leader is in custody.
#Ransomware attack on indie game maker wiped all player accounts
Healthcare giant Henry Schein hit twice by BlackCat #ransomware
#Ardent hospital ERs disrupted in 6 states after #ransomware attack
#Ransomware ‘catastrophe’ at #Fidelity National Financial causes panic with homeowners and buyers
Europol: ‘law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations wreaking havoc across the world.’ https://www.europol.europa.eu/media-press/newsroom/news/international-collaboration-leads-to-dismantlement-of-ransomware-group-in-ukraine-amidst-ongoing-war #tech #internet #cybersecurity #security #ukraine #law #ransomware #databreach
The Record: North Texas Municipal Water District (NTMWD), a water utility company serving 2 million, hit with cyberattack. Daixin Team claimed responsibility for the attack. This comes one day after the Municipal Water Authority of Aliquippa was attacked by the Iranian-backed hacking group Cyber Av3ngers.
🔗 https://therecord.media/north-texas-water-utility-cyberattack
North Texas Municipal Water District hit by ransomware attack:
https://www.databreaches.net/north-texas-municipal-water-district-hit-by-ransomware-attack/
#DaixinTeeam gave me some additional info on this one. From what I have been able to determine and from the NTMWD's statement to DataBreaches.net, Daixin did not hit the water supply system, but got the business system.
But this is the second municipal water district attack in about a week. The first was politically motivated, or so the attackers claimed. This one is allegedly financially motivated.
#databreach #ransomware infosec #cybersecurity #CriticalInfrastructure #HomelandSecurity
This #Giving Tuesday, I am proud to support @IST_org, a nonprofit think tank that tackles the world’s toughest security threats. Donate and join me in helping combat cyber threats like #ransomware: https://securityandtechnology.org/donate-get-involved/
Europol says an international law enforcement operation has apprehended key figures in Ukraine thought to be behind several high-profile #ransomware attacks which cost victims hundreds of millions of Euros - including deployments of LockerGoga, MegaCortex, HIVE and Dharma ransomware campaigns.
-
"Those responsible for breaking into networks did so through techniques including brute force attacks, SQL injections and sending phishing emails with malicious attachments in order to steal usernames and passwords.
"Once inside the networks, the attackers remained undetected and gained additional access using tools including TrickBot malware, Cobalt Strike and PowerShell Empire, in order to compromise as many systems as possible before triggering ransomware attacks.
#Ransomware attacks (2016-23) - biggest, notable, most recent. 600+ tracked in one interactive #dataviz https://geni.us/IIBRansomware
Here's a short clip of my "The Crazy World of Ransomware" talk, where I share some of the more bonkers stories from the world of.. you guessed it... ransomware.
Watch the full video at:
https://grahamcluley.com/the-crazy-world-of-ransomware/
Enjoy!
Ethyrial: Echoes of Yore hacked! 17,000 game accounts "lost"
Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/ethyrial-echoes-of-yore-hacked-17-000-game-accounts-lost/
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2023 is out! It includes the following and much more:
➝ 🔓 🇬🇧 University of Manchester #CISO Speaks Out on Summer Cyber-Attack
➝ 🔓 🇺🇸 Hacktivists breach U.S. nuclear research lab, steal employee data
➝ 🔓 👀 Sumo Logic Completes Investigation Into Recent Security #Breach
➝ 🔓 🇺🇸 Auto parts giant AutoZone warns of #MOVEit data breach
➝ 🔓 🇨🇦 Canadian government discloses data breach after contractor hacks
➝ 🇦🇫 New 'HrServ.dll' Web Shell Detected in #APT Attack Targeting Afghan Government
➝ 🇬🇧 🇰🇷 UK and South Korea: Hackers use zero-day in supply-chain attack
➝ 🇵🇸 🇮🇱 #Hamas-Linked #Cyberattacks Using Rust-Powered SysJoker #Backdoor Against #Israel
➝ 🇷🇺 😱 “They are tired of him, but they are afraid”: what is known about the leader of the hacker group Killnet
➝ 🇰🇵 N. Korean Hackers Distribute Trojanized #CyberLink Software in Supply Chain Attack
➝ ▶️ 🛒 Play #Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
➝ 🇮🇳 Indian Hack-for-Hire Group Targeted U.S., #China, and More for Over 10 Years
➝ 🇷🇺 Russian hackers use #Ngrok feature and #WinRAR exploit to attack embassies
➝ 🇺🇸 🩺 #CISA Releases Cybersecurity Guidance for #Healthcare, Public Health Organizations
➝ 🇬🇧 🙏🏻 Thanking the vulnerability research community with #NCSC Challenge Coins
➝ 🧅 #Tor Network Removes Risky Relays Associated With #Cryptocurrency Scheme
➝ 🇺🇦 👋🏻 #Ukraine fires top cybersecurity officials
➝ 🩹 Johnson Controls Patches Critical #Vulnerability in Industrial Refrigeration Products
➝ 🦠 🦀 New WailingCrab #Malware Loader Spreading via Shipping-Themed Emails
➝ 🦠 📨 New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
➝ 🦠 🎠 NetSupport #RAT Infections on the Rise - Targeting Government and Business Sectors
➝ 🚫 Google #Chrome will limit ad blockers starting June 2024
➝ 🐛 ☁️ 3 Critical Vulnerabilities Expose #ownCloud Users to Data Breaches
➝ 🔓 ☁️ Researchers Discover Dangerous Exposure of Sensitive #Kubernetes Secrets
➝ 🔓 ☝🏻 New Flaws in Fingerprint Sensors Let Attackers Bypass #Windows Hello Login
➝ 🔓 🩸 ‘#CitrixBleed’ vulnerability targeted by nation-state and criminal hackers: CISA
➝ 🐡 Researchers extract RSA keys from #SSH server signing errors
📚 This week's recommended reading is: "How I Rob Banks: And Other Such Places" by FC a.k.a. Freakyclown
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-472023
The leak of the medical data of tens of thousands of people from #alabmed will be the biggest non-political news story of the year. The Alab website is already dead
#BritishLibrary confirmed that #personaldata stolen in #cyberattack has appeared online, apparently for sale 2 highest #bidder. Attack was carried out in Oct by group known for such criminal activity said UK’s national #library which holds 14m books & M of other items. This wk Rhysida, known #ransomware group, claimed it was responsible 4 attack. It posted low-resolution images of personal info online, offering stolen data for sale w starting bid of 20 bitcoins - £596,000 https://www.theguardian.com/technology/2023/nov/22/personal-data-stolen-in-british-library-cyber-attack-appears-for-sale-online
@SwiftOnSecurity OneDrive still causes me massive compatibility problems with business applications. Many of them get very angry that the files aren't linked the way they expect, and yes, it's bad programming, but unfortunately it's business. I'd much rather use a proper backup tool with unlimited historical rewind options to recover files from and not affect the way Windows actually stores and represents documents to the user. You don't even need the #cloud for it.
#sysadmin #backups #ransomware
Patient gets biopsy in U.S. after she says she was denied in #Ontario due to #ransomware attack.
https://www.cbc.ca/news/canada/windsor/ransomware-attack-hospital-windsor-out-of-country-1.7030538
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
➝ 🔓 🇯🇵 #Toyota confirms breach after Medusa #ransomware threatens to leak data
➝ 🇺🇸 😂 Ransomware gang files #SEC complaint over victim’s undisclosed #breach
➝ 🔓 🪶 Attackers claim Plume Design, Inc data breach
➝ 🇺🇸 💰 #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
➝ 🔓 #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
➝ 🔓 ✈️ Hackers swipe Booking.com, damage from attack is global
➝ 🇷🇺 🇺🇦 Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
➝ 🇮🇱 🇺🇸 Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
➝ 🇫🇮 ⚖️ Alleged Extortioner of Psychotherapy Patients Faces Trial
➝ 🇺🇸 💸 #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
➝ 🇺🇸 ⚖️ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
➝ 👶🏻 🧨 Teens with “digital bazookas” are winning the ransomware war, researcher laments
➝ 💸 #Ethereum feature abused to steal $60 million from 99K victims
➝ 🇩🇰 🇷🇺 #Denmark Hit With Largest #Cyberattack on Record
➝ 🇨🇳 🇰🇭 Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
➝ 🇲🇾 Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
➝ 🇪🇺 🥳 EU Parliament committee rejects mass scanning of private and encrypted communications
➝ 🩹 #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
➝ 🦠 🐍 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
➝ 🇻🇳 🇮🇳 Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
➝ 🔐 #Google Adds #Passkey Support to New Titan Security Key
➝ 🐛 Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
➝ 🩹 #SAP Patches Critical Vulnerability in Business One Product
➝ 🐛 New #Reptar CPU flaw impacts Intel desktop and server systems
➝ 🐛 New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
📚 This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-462023
Ontario Hospital CEOs are calling for legislation that would ban paying ransomware demands.
#Ransomware gang snitches on victim to US authority
"How brazen can you be? The cybercriminals of ALPHV/BlackCat take online extortion (#Erpressung) to the next level."
😂😂😂 https://www.heise.de/news/l-f-Ransomwarebande-meldet-Opfer-bei-US-Behoerde-9530215.html
Ransomware group reports victim it breached to SEC regulators -
One of the world’s most active ... - https://arstechnica.com/?p=1984663 #securitiesandexchangecommission #ransomware #extortion #security #biz&it
#Ransomware gang files SEC complaint over victim’s undisclosed breach
:ablobcatdundundun:
The hacked company #Concevis, too, received (surprise, surprise) ALL of its federal contracts by direct award. #Xplain #Ransomware #Beschaffungswesen
Thanks to everyone who has enjoyed the "Crazy world of ransomware" talk I gave for Trellix.
Although I imagine many of you most enjoyed checking out my Doctor Who book collection and Beatles-related nick-nacks on my bookshelf...
Toronto Public Library has confirmed that the cyberattack back on October 27 resulted in the loss of personal data of their staff dating as far back as 1998.
The library system confirmed that the attackers made off with personal information such as names, birthdates, social insurance numbers and home addresses.
For more: https://www.cbc.ca/news/canada/toronto/toronto-public-library-ransomware-employee-data-1.7028982
#infosec #cybersecurity #ransomware #databreach #TorontoPublicLibrary #PublicLibrary #Toronto #Ontario #Canada
State-owned company: Cyberattack slows down Deutsche Energie-Agentur
"An important German company is, by its own account, 'technically largely unable to work': as #Dena itself reports, it has become the target of a hacker attack."
#Ransomware https://www.spiegel.de/netzwelt/netzpolitik/dena-cyberangriff-bremst-deutsche-energie-agentur-aus-a-09089c3e-d2d1-47f1-9091-1543fb79da36
"Meanwhile, Moneris confirmed an external party attempted an attack on the company. However, the company claim the intrusion was thwarted by the company's cybersecurity team and "Moneris and its customers were not impacted.""
#Moneris handles *all* the payment processing for the Government of Canada.
The government's penchant for putting all its eggs in a single basket (while calling itself "risk averse") is... concerning.
Hot #CyberSecurity take:
Companies and organizations should be required to publicly disclose amounts paid to #Ransomware gangs. Better yet, governments should make it illegal for business to pay cybercriminals in the first place...
Not only does paying these groups fund their operation, it also puts a big flag on said company/organization that says "Hey! We pay digital ransoms which makes us VIP targets for future attacks!!"
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #45/2023 is out! It includes the following and much more:
➝ 🔓 ✈️ #Boeing breach: LockBit leaks 50 GB of data
➝ 🇨🇳 World’s largest commercial bank #ICBC confirms #ransomware attack
➝ 🔓 ☁️ Sumo Logic alerts customers about #securityincident; advises rotate Sumo Logic API access keys
➝ 🔓 🇮🇪 Electric Ireland admits data breach that could see customer financial data compromised
➝ 🔓 🇨🇦 #TransForm says ransomware data breach affects 267,000 patients
➝ 🔓 🇸🇬 #Singapore Marina Bay Sands reward members data breached, over 650k people exposed
➝ 🇮🇱 🇵🇸 🇮🇷 Cyber ops linked to #Israel-#Hamas conflict largely improvised, researchers say
➝ 🧨 🤖 #OpenAI confirms #DDoS attacks behind ongoing #ChatGPT outages
➝ 🛍️ 💸 Fake Ledger Live app in #Microsoft Store steals $768,000 in #crypto
➝ 🔓 🐰 ‘Looney Tunables’ #Glibc Vulnerability Exploited in #Cloud Attacks
➝ 🇺🇸 🇷🇺 US Sanctions Russian National for Helping Ransomware Groups Launder Money
➝ 🇮🇷 🇮🇱 Iranian Hackers Launch Destructive Cyber Attacks on Israeli #Tech and #Education Sectors
➝ 🇫🇷 🇬🇧 #France, #UK Seek Greater Regulation of Commercial #Spyware
➝ 🇪🇺 🤐 #Europe is trading security for digital #sovereignty
➝ 🇷🇺 🇺🇦 Russian Hackers Used #OT Attack to Disrupt Power in #Ukraine Amid Mass Missile Strikes
➝ 🦠 🚪 Highly invasive #backdoor snuck into #opensource packages targets developers
➝ 🦠 🇰🇵 N. Korea's #BlueNoroff Blamed for Hacking #macOS Machines with ObjCShellz #Malware
➝ 🫣 #Signal tests usernames that keep your phone number private
➝ 🔐 Microsoft Authenticator now blocks suspicious #MFA alerts by default
➝ ☁️ 💰 Researchers Uncover Undetectable #CryptoMining Technique on #Azure Automation
➝ 👥 💰 Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
➝ 🩹 Microsoft Says Exchange ‘Zero Days’ Disclosed by #ZDI Already Patched or Not Urgent
➝ 🐛 Veeam warns of critical bugs in #Veeam ONE monitoring platform
📚 This week's recommended reading is: "How the F*ck Did This Happen?: A guide for executives who need to understand Cyber Security in plain, actionable language" by Dr Darryl Carlton
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-452023
An entire state's population just had its data stolen in a ransomware attack
https://mashable.com/article/maine-moveit-ransomware-attack
Maine has confirmed that some points of data that the cybercriminals could potentially have on an individual include their name, Social Security number, date of birth, driver’s license or state ID number, and taxpayer ID number. Medical information as well as health insurance information may also have been affected...
Version for screen readers:
Why do our public #administrations still use deficient MS Monopoly software that is only one thing:
a necessary precondition for becoming a #victim of #Ransomware?
"When the ransomware is executed, it deletes #Windows volume shadow copies, encrypts files with certain extensions, and appends the .akira extension to the encrypted files," the researchers explained regarding how the deployed #malware works.
@amvinfe You raise some points about the Hopewell Area School District's lack of transparency following a ransomware attack by the Medusa TA. It looks like there's nothing on the district's site with any update and no local media news coverage since October 23 or 24. Thanks for covering this one and digging into the leaked data.
@douglevin @brett @funnymonkey @mkeierleber
#databreach #ransomware #transparency #incidentresponse #EduSec #infosec #cybersecurity
UPDATE 11.10.2023 Aliquippa – PA, cyberattack: Hopewell Area School District is yet another victim in the education sector
World's biggest bank hit by ransomware, forced to trade via USB stick.
Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/worlds-biggest-bank-hit-by-ransomware-forced-to-trade-via-usb-stick/
Tri-City Medical Center is diverting ambulance traffic to other hospitals Thursday as it copes with a cybersecurity attack that has forced it to declare “an internal disaster”. #ransomware
@douglevin @brett @funnymonkey
So according to their FB notice of November 7, they knew by then there was definite #ransomware deployment.