Security Leftovers
IT Wire ☛ Prescriptions provider MediSecure hit by ransomware attack
"The @ASDGovAu Australian Cyber Security Centre is aware of the incident and the @AusFedPolice is investigating.
"We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."
The MediSecure statement said the company took its legal and ethical obligations seriously and appreciated this information would be of concern.
"MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Co-ordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators," it said.
"MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time."
[Repeat] Security Week ☛ Nissan Data Breach Impacts 53,000 Employees
Nissan North America determined recently that a ransomware attack launched last year resulted in employee personal information compromise.
Security Week ☛ BreachForums Shut Down in Apparent Law Enforcement Operation
The hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI.
Silicon Angle ☛ Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns
A new report released today by HP Inc. is warning that cybercriminals are using “cat-phishing” techniques to deceive victims by redirecting them to malicious websites through seemingly legitimate links.
OpenSSF (Linux Foundation) ☛ Join Our Upcoming OpenSSF Tech Talk: Proactive Supply Chain Security with GUAC [Ed: Seems like Microsoft talking points; OpenSSF was already invaded by full-time Microsoft staff.]
Join our upcoming Tech Talk, "Proactive Supply Chain Security with GUAC," on June 6, 2024, at 10 AM PT/1 PM ET, as we discuss proactive vulnerability management and software supply chain security.