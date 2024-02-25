Security Leftovers
Data Breaches ☛ As expected, LockBit is back already
Only five days after an international law enforcement effort seized LockBit’s leak sites, 34 servers, and 14,400 rogue email accounts used to support infrastructure and extortion, LockBit3.0 has reappeared with a new Tor site that looks like the old one. There are half a dozen entries on it at this time. One of the listings is a re-listing for Fulton County, Georgia — an attack at the end of January that LockBit had publicly claimed credit for in mid-February. Another entry is for the FBI itself. Readers may recall that the FBI had posted “Who is LockBitSupp” yesterday on the seized site. Pretty much everyone who has followed LockBitSupp anticipated that he would respond to the FBI. And he has, publishing a lengthy statement in both English and Russian. The English version appears below, lightly redacted.
US News And World Report ☛ 2024-02-21 [Older] Ukraine Arrests Father-Son Duo in Lockbit Cybercrime Bust
2024-02-22 [Older] Enterprise Linux Security Episode 83 - FBI/NCA vs Lockbit
US News And World Report ☛ 2024-02-16 [Older] Ukrainian Man Pleads Guilty in Cyberattack That Temporarily Disrupted Major Vermont Hospital
J D Supra LLC ☛ NIST Publishes Final “Cybersecurity Resource Guide” on Implementing the HIPAA Security Rule
In an important development for HIPAA-regulated entities looking for practical assistance in understanding, implementing, and enhancing compliance with the HIPAA Security Rule, the National Institute of Standards and Technology (NIST) has finalized its comprehensive guidance, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (Resource Guide). This release follows the initial draft that NIST published for public comment in July 2022 and builds on NIST’s foundational 2008 publication. The updated Resource Guide comes at the heels of the U.S. Department of Health and Human Services (HHS) releasing voluntary performance goals to enhance cybersecurity across the health sector last month and a Department-wide Cybersecurity strategy for the health care sector in December of 2023.
US News And World Report ☛ 2024-02-22 [Older] Federal Agencies Investigate AT&T Cellular Outage, No Indications of Cybersecurity Incident Yet
US News And World Report ☛ 2024-02-22 [Older] White House Says FBI, Homeland Security Dept Looking Into AT&T Outage
Modern Diplomacy ☛ 2024-02-21 [Older] China’s Emerging role in Global Security
CISA ☛ 2024-02-21 [Older] Mozilla Releases Security Updates for Firefox and Thunderbird
CISA ☛ 2024-02-22 [Older] CISA Adds One Known Exploited Vulnerability to Catalog
CISA ☛ 2024-02-22 [Older] CISA Releases One Industrial Control Systems Advisory
CISA ☛ 2024-02-22 [Older] Delta Electronics CNCSoft-B DOPSoft
CISA ☛ 2024-02-21 [Older] CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems
CISA ☛ 2024-02-20 [Older] CISA Releases Three Industrial Control Systems Advisories
CISA ☛ 2024-02-20 [Older] Commend WS203VICM
CISA ☛ 2024-02-20 [Older] Ethercat Zeek Plugin
CISA ☛ 2024-02-20 [Older] Mitsubishi Electric Electrical Discharge Machines
CISA ☛ 2024-02-15 [Older] CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA ☛ 2024-02-15 [Older] CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization