Security Leftovers and Windows TCO
-
Krebs On Security ☛ ID Theft Service Resold Access to USInfoSearch Data
One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.
-
Citizen Lab ☛ Spyware Targeting Against Serbian Civil Society
We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was conducted in support of an investigation led by Access Now in collaboration with the SHARE Foundation. Researchers from Amnesty International independently analyzed the cases and their conclusions match our findings.
-
Craig Murray ☛ The Twitter Hack
The hack of my X Twitter account was definitely intended to reduce my reach on Palestine, it took place while the security services have possession of my electronics and access to my account, and it involved either complicity by Twitter or a security service backdoor.
-
Windows TCO
-
SANS ☛ Pro Russian Attackers Scanning for Sharepoint Servers to Exploit CVE-2023-29357, (Tue, Nov 28th)
-
Security Week ☛ Police Dismantle Major Ukrainian Ransomware Operation
Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested its alleged ringleader.
-
Silicon Angle ☛ Europol-led operation results in arrest of alleged ransomware gang in Ukraine
A joint international law enforcement operation led by the European Union Agency for Law Enforcement Cooperation and the European Union Agency for Criminal Justice Cooperation has led to the arrest of five people allegedly running a ransomware group from Ukraine.
-
Scoop News Group ☛ Ransomware gang broken up in Ukraine as a result of international operation
Police in Ukraine arrested a 32-year-old man they say was the "leader" of a group, as well as "his four most active accomplices," according to a Surveillance Giant Google translation of a statement issued by the Ukrainian Cyber Police.
-
Kansas Reflector ☛ Kansas judiciary plans to begin restoration in December of IT systems hit by cyberattack
The judicial branch disclosed the disruption in 104 of 105 counties — Johnson County operates on an independent network — following the Oct. 12 incident. Subsequently, Supreme Court justices said the system depended on to electronically file documents and to process court cases was undermined by sophisticated international criminals. The judicial branch didn’t release an update of what information was stolen or whether perpetrators sought a ransom.
-
The Register UK ☛ Japan's space agency suffers cyber attack, points finger at Active Directory
Chief cabinet secretary Matsuno mentioned the incident in his morning briefing, telling reporters the agency suspected a breach, possibly to its Active Directory implementation, so conducted further research and found illegal access.
JAXA has since shut down part of its network, including an intranet, as it seeks help to determine the extent of the incident.
-
[Repeat] CBS ☛ Municipal Water Authority of Aliquippa hacked by Iranian-backed cyber group
The machine that was hacked uses a system called Unitronics, which Mottes says is software or has components that are Israeli-owned.
-
[Repeat] The Record ☛ Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group
Mottes noted that the hacked system uses software or components from Unitronics, an Israeli-owned technology company. He reiterated that the attack had no effect on drinking water or the water supply.
-
Data Breaches ☛ Municipal Water Authority of Aliquippa [breached] by Iranian-backed cyber group
Matthew Mottes, the chairman of the board of directors for the Municipal Water Authority of Aliquippa, confirmed to KDKA-TV that the cyber group, known as Cyber Av3ngers, took control of one of the stations. An alarm went off as soon as the [breach] had occurred.
-
Cox Media Group ☛ Officials investigating cyberattack on Municipal Water Authority of Aliquippa
Congressman Chris Deluzio said on his Facebook that his office is in touch with leadership, which is reporting that there was no loss of water service for customers.
Federal officials are also assisting in the investigation, Deluzio said.
-
[Repeat] Security Week ☛ [Attackers] Hijack Industrial Control System at US Water Utility
The company provides water and sewer services to more than 6,600 customers in Aliquippa and portions of Hopewell, Raccoon and Potter Townships.
A representative of the water utility told KDKA-TV that the compromised system is associated with a booster station that monitors and regulates water pressure for Raccoon and Potter Townships.
-
Scoop News Group ☛ Pennsylvania water facility hit by Iran-linked hackers
The hackers appear to have accessed a Unitronics programmable logic controller and displayed an image that read: “You have been hacked. Down with Israel. Every equipment ‘made in Israel’ is a Cyber Av3ngers legal target.” Unitronics is an Israel-based publicly traded company.
“The group has some technological capabilities,” Messing added, “but generally speaking it’s more or less what you see with other hacktivists groups — a lot of exaggerations on its achievements and in some cases complete fabrication.”
-
[Repeat] Data Breaches ☛ North Texas Municipal Water District hit by ransomware attack
The Municipal Water Authority of Aliquippa in Pennsylvania recently reported a cyberattack that appeared to be by an Iranian-backed group, “Cyber Av3ngers” that shut down technology involved in the drinking water supply to Raccoon and Potter townships. But Aliquippa wasn’t the only water authority to recently experience a cyberattack. The Daixin ransomware team added the North Texas Municipal Water District (NTMWD) to their leak site yesterday. The listing simply provided a filelist, a claim that Daixin had acquired 33,844 files, and a note that the full leak “WILL BE SOON.”