Microsoft Windows TCO (Breaches and Espionage, Sabotage)
-
[Old] Scoop News Group ☛ Anti-Israel [cracking] campaign highlights danger of [Internet]-connected devices
The operation by the so-called Cyber Av3ngers — a group linked to Iran’s Islamic Revolutionary Guard Corps that is known for overstating the impact of their attacks — targeted a device made by the Israeli firm Unitronics. Among the firm’s global customer base, there are some 1,800 Unitronics devices facing the [Internet], and experts caution that the incident involving the Municipal Water Authority of Aliquippa, Pa., highlights the huge risk of internet-connected devices in industrial facilities.
-
Security Week ☛ Congressmen Ask DOJ to Investigate Water Utility [Breach], Warning It Could Happen Anywhere
The device breached in Pennsylvania was made by Israel-based Unitronics, according to the U.S. Cybersecurity and Infrastructure Security Agency. Known as a programmable logic controller, it is used across a wide spectrum of industries including water and sewage-treatment utilities, electric companies and oil and gas producers. It regulates processes including pressure, temperature and fluid flow, according to the manufacturer.
Unitronics has not responded to queries about what other facilities with its equipment may have been hacked or could be vulnerable.
Experts say many water utilities have paid insufficient attention to cybersecurity.
-
The Register UK ☛ 60 US credit unions offline after ransomware infects backend cloud outfit
We're told the unions' IT provider Ongoing Operations – ironic – was hit by ransomware on Sunday, sparking days of disruption for the biz's clients. It's believed the cloud provider was infiltrated via the Citrix Bleed vulnerability.
-
[Old] The State of Michigan ☛ AG Nessel Re-Issues Data Breach Alert Following University of Michigan Network Infiltration
On October 23, 2023, U of M issued a statement announcing it had sustained a data breach after a hacker broke into its network in August. Personal data belonging to certain students, applicants, alumni, donors, employees, contactors, University Health Service, and School of Dentistry patients and research participants was accessed. After the suspicious activity was detected on the U of M network, the school shut down its computer systems on the afternoon of August 27, 2023. The university is sending letters to those whose sensitive personal information was involved in the incident and who have an address on file with the school. [...]
-
The Record ☛ 60 credit unions facing outages due to ransomware attack on popular tech provider
National Credit Union Administration (NCUA) spokesperson Joseph Adamoli said the ransomware attack targeted the cloud services provider Ongoing Operations, a company owned by credit union technology firm Trellance.
Adamoli said the NCUA, which regulates credit unions at the federal level, received incident reports indicating that several credit unions were sent a message from Ongoing Operations saying the company was hit with ransomware on November 26.
-
The State of Michigan ☛ Michigan State University Announces Third Party Data Breach That Could Affect MSU Community
This large-scale data breach was conducted by a foreign-based ransomware group, known as “Clop”, who exploited a security flaw in the MOVEit Transfer software. Progress Software, which develops the MOVEit software, patched the vulnerability, but not before hackers compromised large numbers of its customers, including federal and state agencies, financial services organization, and numerous others. ‘Clop’ did not contact the organizations it had attacked, instead posting a blackmail message on the dark-web instructing victims to contact them directly.
-
CNN ☛ Ransomware attack causes outages at 60 credit unions, federal agency says
Credit unions reported that the ransomware attack — in which cybercriminals typically lock computer system as an extortion tactic — affected a unit of Trellance, a cloud computing firm provider used by credit unions, NCUA spokesperson Joseph Adamoli said in a statement to CNN.
Trellance did not immediately respond to a request for comment on Friday.
-
[Repeat] Data Breaches ☛ Pacific Cataract and Laser Institute confirms cyberattack
LockBit3.0 added PCLI to its leak site on November 29, and only gave them until November 30 to respond: [...]
-
Data Breaches ☛ MT: Personal information of 900 Butte School District employees compromised in cyberattack
School officials first noticed the district’s computer system was [breached] on Nov. 4 and since then, the system has been shut down to prevent further intrusion.
-
Scripps Media Inc ☛ Personal information of 900 Butte School District employees compromised in cyberattack
The extent of the cyberattack is still being investigated nearly four weeks after it was first discovered. Public schools in Butte have not been able to use their computers or [Internet] since the attack.
-
[Repeat] Data Breaches ☛ PA: Great Valley School District Falls Victim to Ransomware Attack
As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k from a district that has more than 4,000 students.
-
Data Breaches ☛ If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
So let’s talk about what they didn’t disclose, because DataBreaches believes that consumers and patients who are victims of data breaches have a right to know and need to know so they can assess their risk and then make decisions on how to protect themselves.
-
Security Week ☛ Staples Confirms ‘Cybersecurity Risk’ Disrupting Online Stores
Details of the incident remain scarce but security experts say it has all the hallmarks of a company scrambling to reduce the fallout from a cyberattack from a professional ransomware gang.