Security Leftovers
-
KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach
KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can't predict what the producers will do with the video interviews we shot, it's fair to say the series will explore tantalizing new clues as to who may have been responsible for the attack.
-
Toyota sealed up a backdoor to its global supplier management network
Hacker praises carmaker’s prompt response to the (mercifully) good-faith pwnage
-
The U.S. secretly passed a medical cybersecurity law
Surprise! During the end-of-year rush to pass the federal spending bill, a piece of legislation with more than 4,000 pages apportioning out $1.7 trillion of spending, legislators included a section that helps make connected medical devices more secure.
-
CISA Releases ESXiArgs Ransomware Recovery Script
CISA has released a recovery script for organizations that have fallen victim to ESXiArgs ransomware. The ESXiArgs ransomware encrypts configuration files on vulnerable ESXi servers, potentially rendering virtual machines (VMs) unusable.
-
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems (ICS) advisory on February 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
-
After Hive takedown, could the LockBit ransomware crew be the next to fall?
As international law enforcement agencies turn up the heat on ransomware gangs, LockBit's high-profile cyberattacks make it a prime target.
-
Russian ransomware money launderer pleads guilty to funneling Ryuk payments [Ed: Microsoft Windows TCO]
A Russian man extradited to the U.S. last year pleads guilty to attempting to conceal ransom payments that resulted from attacks on Americans.
-
Emailing error causes former Blue Cross Blue Shield customers to receive claims
Many former customers of Blue Cross Blue Shield (BCBS) health plans woke up on Friday to discover they had been notified of insurance claims despite not being covered by the provider for some time, causing concerns that a security breach could have leaked customer information.
-
More lawsuits filed over Knox College ransomware attack
By early December 2022, Hive ransomware gang had not only claimed responsibility for an attack on Knox College...
-
Suspected Ransomware Attack Disables Some Systems At Ross Memorial Hospital
News has learned a suspected ransomware attack has hit Ross Memorial Hospital disabling some important diagnostic systems and access to medical files.
Patients in the Emergency Department notified Kawartha 411 this morning calling the situation “crazy”. Patients say staff aren’t able to access the systems needed for treatment and they say even the parking machines aren’t working properly.
-
Russian e-commerce giant exposed buyers' delivery addresses
A leading electrical engineering company in Russia, Elevel, has exposed its customers' personally identifiable information (PII,) including full names and addresses.
-
Saolta confirms data breach at LUH - Highland Radio
Saolta has confirmed that Letterkenny University Hospital is managing a data breach incident arising from the removal of one list of patients from the hospital premises.
-
LockBit ransomware gang claims Royal Mail cyberattack [Ed: The Microsofters 'forget' to say this is a Windows issue]
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "severe service disruption."
This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail.
-
Clop ransomware has now found a new target [Ed: ZDNet is trying to twist a Microsoft Windows problem as "LINUX"]
-
Clop ransomware flaw allowed Linux victims to recover files for months [Ed: Microsoft propaganded sites try hard to link this to "LINUX", but it is a Windows headache]
-
Hong Kong police and Interpol uncover servers and apps used by global phishing syndicate | South China Morning Post
Hong Kong police have cracked the local operation of an international phishing syndicate that used 563 bogus mobile applications to spy on phones globally and steal information.
-
Optus breach: Sydney man avoids jail over scam texts using hack data
A 20-year-old man has evaded a potentially decade-long jail sentence after trying to scam $2000 from Optus customers affected by its September data breach.
Dennis Su, 19 at the time, pleaded guilty in November to texting 92 Optus customers and demanding they transfer $2000 to a CBA bank account "or face their personal information being used for financial crimes".