Security Leftovers
-
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows [Ed: The term "Linux Backdoor" is intentionally misleading because it does not come with Linux or via Linux or because of a hole in Linux. This is typical Microsoft-centric propaganda from Windows-friendly sites. If people inject some malware into a Windows PC via some Adobe Photoshop zero-day or Chrome flaw, does that mean it is a "Windows backdoor"? Meanwhile, former news sites have become shallow public relations for their sponsors, so FUD such as this won't be often (or ever) rebutted.]
The malware is specifically geared towards establishing persistent remote access to compromised target environments for extended periods of time, with evidence pointing to the hacking crew operating the backdoor undetected for years.
-
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol [Ed: Microsoft Windows TCO]
Unlike most ransom campaigns, CheckMate, discovered in 2022, has been quiet throughout its operations. To the best of our knowledge, it doesn’t operate a data leak site.
That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites. They do this to raise the pressure for a victim to pay the ransom.
Cybernews research has recently detected new CheckMate activity. It turns out the gang has been actively targeting weakly-protected SMB shares.
-
Student Medical Records May Have Been Taken in San Diego Unified Hack
The breadth of a cyber attack against San Diego Unified School District last year is coming into view. Student medical records may have been taken during the hack, district officials notified parents in a letter dated May 4.
-
Ransomware attack on PharMerica affected 5.8 million patients [Ed: Microsoft Windows TCO]
While the Fortra/GoAnywhere data breach by Clop is shaping up to be the biggest, or one of the biggest, breaches affecting HIPAA-covered entities and business associates in 2023, an attack by Money Message on PharMerica is currently the largest single breach reported so far this year, with almost 6 million affected.