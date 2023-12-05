Windows TCO
Silicon Angle ☛ New Citrix Bleed ransomware threat hits many credit unions
The provider is Trellance Cooperative Holdings Inc. It owns two different providers, one called Ongoing Operations LLC and the other called Fedcomp. Both of them told their respective customers of outages affecting their systems. The former sent out a note on Dec. 2 about an “ongoing cyber security incident” that happened on Nov. 26. Fedcomp posted and then removed notice about a potential incident and didn’t respond to reporters’ inquiries.
Industry Dive ☛ Dozens of credit unions confront outages linked to third-party ransomware attack
Trellance-owned Ongoing Operations told affected credit unions it was the target of a ransomware attack on Nov. 26, Joseph Adamoli, acting director and media relations manager at NCUA, said in an email. FedComp, another Trellance-owned unit serving credit unions, also reported a nationwide outage.
ABC ☛ Cybercriminals conduct ransomware attack, causing outages at 60 credit unions, federal agency says
NCUA told ABC News that the hack occurred through a third-party vendor, FedComp, using Trellance software, which was the source of the cyberattack.
Trellance did not immediately respond to a request for comment on Friday.
Kevin Beaumont ☛ What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Credit union technology firm Trellance own Ongoing Operations LLC, and provide a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler patches had been applied since May 2023: [...]
The Register UK ☛ US warns Iranian terrorist crew broke into 'multiple' US water facilities
In a take-out-the-trash-time release on Friday night security advisory, the FBI, National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Environmental Protection Agency (EPA), plus the Israel National Cyber Directorate (INCD) warned that CyberAv3ngers, an Islamic Revolutionary Guard Corps (IRGC)-affiliated group, has been "actively targeting and compromising" Unitronics Vision Series PLCs, since at least November 22.
The US designated the IRGC as a foreign terrorist organization in 2019.
Scoop News Group ☛ Feds: Iran-linked hacking campaign a ‘clarion call’ for digital defenses
“We have seen no access to operational systems at these water facilities, nor have we seen any impact to the provision of safe drinking water to the targeted populations,” Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, told reporters Monday.
Goldstein did not provide exact figures on the impacted water facilities, but an alert from CISA, the FBI, the National Security Agency, the Environmental Protection Agency and the Israel National Cyber Directorate noted “continued malicious cyber activity.” A government official said last Thursday that the number of affected facilities was less than 10, and so far only a municipal water facility in Aliquippa, Pa., has been identified as a victim.
Bleeping Computer ☛ Microsoft confirms Windows bug renames printers to HP LaserJet M101-M106