What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-07 14:40:00 | One leader for Cyber Command, NSA has \'substantial benefits,\' report says (lien direct) |
The head of U.S Cyber Command and the National Security Agency testified Tuesday that the two entities should continue to share a leader, citing the conclusions in a recent high-level review that has yet to be shared with the public.
In [written testimony](https://www.cybercom.mil/Media/News/Article/3320195/posture-statement-of-general-paul-m-nakasone/) to a Senate panel, Army Gen. Paul Nakasone directly quoted the review of the “dual hat” leadership structure, which has existed since Cyber Command was established in 2010.
The report found “'substantial benefits that present compelling evidence for retaining the existing structure,'” according to Nakasone, who took over both organizations in 2018. Momentum for splitting the roles increased during the Trump administration.
The Record first reported that the Biden administration had tapped former Joint Chiefs of Staff Chairman Joseph F. Dunford Jr. to lead the review. The team [concluded without a policy recommendation](https://therecord.media/review-of-nsa-cyber-command-leadership-structure-ends-without-official-recommendation) on maintaining or splitting the arraignment, but it leaned heavily toward keeping the two conjoined, despite long-held concerns that the positions are too much for a single person.
Nakasone also wrote that the review “highlighted” CYBERCOM and NSA's work defending U.S. elections from foreign interference, fighting ransomware operators and bolstering the military's other combatant commands as reasons to keep the two together.
Nakasone, one of Cyber Command's original architects, said publicly last year that he met with Dunford's study group and “had an opportunity to share my views.”
“Success in protecting the national security of the United States in cyberspace would be more costly and less decisive with two separate organizations under two separate leaders,” Nakasone wrote in his testimony for the Senate Armed Services Committee.
“The enduring relationship is vital for both organizations to meet the strategic challenges of our adversaries as they mature their capabilities against the United States,” he added.
|
Ransomware Guideline | ★★★ | |
|
2023-03-07 14:30:00 | Internal documents show Mexican army used spyware against civilians, set up secret military intelligence unit (lien direct) |
_Two digital rights groups, Mexico's R3D and the University of Toronto's Citizen Lab, have just released an update to their “[Ejército Espía](https://ejercitoespia.r3d.mx/)” (“Spying Government”) report from late last year. In October 2022, they revealed that the Mexican army bought spyware and deployed it against at least two Mexican journalists and a human rights advocate between 2019 and 2021. While they had compelling circumstantial evidence, there was no smoking gun. The newly-released internal classified documents appear to prove it._
_Luis Fernando Garcia, a lawyer and executive director of R3D, told Click Here in an interview that a roster of freedom of information requests and internal Ministry of Defense documents – released as part of last year's massive hack-and-leak operation by the hacktivist group Guacamaya – connect officials at the highest levels of the Mexican army to the purchase of Pegasus spyware. R3D found a 2019 acceptance letter that links the military to a company with the exclusive right to sell licenses for the NSO Group's Pegasus spyware in Mexico._
_NSO Group created Pegasus in 2011 and it has been linked to everything from the capture of the drug lord El Chapo to the murder of journalist Jamal Khashoggi. Pegasus' super power is its ability to infect smartphones without a user knowing - the phone becomes a spy in their pocket, capturing their location, their communications, and information on their friends._
_Among the new revelations are documents from the Mexican Secretariat of National Defense , or SEDENA, that discuss a previously unknown military intelligence agency in charge of the nation's surveillance programs. The leaked files show the agency, referred to as CMI or the Military Intelligence Center, spied on a human rights advocate named Raymundo Ramos who has been investigating a suspected extrajudicial killing by the Army that occurred in July 2020 in a border town called Nuevo Laredo._
_The interview has been edited for space and clarity. A fuller version of the story can be heard on the [Click Here](https://podcasts.apple.com/us/podcast/click-here/id1225077306) podcast._
**CLICK HERE: For people who don't know, can you explain the mission of R3D (The Digital Rights Defense Network)?**
**LUIS FERNANDO GARCIA:** The Digital Rights Defense Network is a NGO that works on issues related to human rights and technology. Since the beginning we've been working to uncover and to investigate and pushback against the surveillance apparatus in Mexico.
**CH: You started your latest investigation into government surveillance in collaboration with the University of Toronto's Citizen Lab in early 2022. What did the initial investigation [[published last October](https://ejercitoespia.r3d.mx/)] reveal?**
**LG:** We started checking phones of human rights defenders, journalists, trying to see if we could find forensic evidence of Pegasus in Mexico. We started to document cases of people who were infected in 2019, 2020, and 2021, which means [it was deployed] during the current government, not the previous government.
A week or maybe less from our publication date, something really important happened. The army's email system was hacked and an activist group called Guacamaya was offering access to those emails to media organizations and to human rights organizations. And this gave us like the missing key that we needed to actually point the finger at the army and say we found these Pegasus cases [and connected them to the military].
**CH: Can you talk about some of the specific things you discovered in the Guacamaya documents?**
**LG:** We were able to find a kind of acceptance letter from the army, directed to the secretary, which is the head of the army - the General Secretary of National Defense in Mexico. And here it talks about a contract with Comercializadora Antsua |
Hack | ★★★★★ | |
|
2023-03-07 13:05:00 | Israel blames state-sponsored Iranian hackers for ransomware attack on university (lien direct) |
Israeli cybersecurity officials on Tuesday blamed hackers sponsored by the Iranian government for a ransomware attack on the country's leading technology university.
The attack in February forced the Israel Institute of Technology, also known as Technion, to postpone exams and shut down its IT systems. The incident followed what Israeli defense officials said were dozens of attempted Iranian cyberattacks over the past year.
Hackers from a previously unknown group calling itself DarkBit claimed responsibility in a note left on Technion's systems demanding 80 bitcoins ($1.7 million at the time) to enable the university to recover its files.
The note was unusually ideological, criticizing “an apartheid regime” and stating: “They should pay for their lies and crimes, their names and shames. They should pay for occupation, war crimes against humanity, killing the people (not only Palestinians' bodies, but also Israelis' souls) and destroying the future and all dreams we had.”
Israel's National Cyber Directorate on Tuesday attributed the attack to a threat group tracked as MuddyWater, which last year U.S. Cyber Command linked to the Iranian Ministry of Intelligence and Security.
British and American authorities subsequently issued a warning about the hacking group, saying it was targeting a “range of government and private-sector organizations across sectors - including telecommunications, defense, local government, and oil and natural gas - in Asia, Africa, Europe, and North America.”
While Israel and Iran have never been in a declared war against each other, the countries have repeatedly blamed each other for cyberattacks targeting civilian infrastructure, including a steel plant in Iran. Iranian hackers have been blamed for attacks on water systems in Israel.
The attack on the university in Haifa is not the first time that Iranian state-sponsored hackers have been linked to ransomware incidents. A French-Venezuelan cardiologist called Moises Luis Zagala Gonzalez was charged by the U.S. Department of Justice last year with developing the Thanos ransomware and allegedly boasting about it being used by Iranian government-linked hackers.
Another advisory issued in 2022 by cyber authorities in the United Kingdom, United States, Australia and Canada - members of the Five Eyes intelligence alliance - warned that “cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps are exploiting vulnerabilities to launch ransomware operations against multiple sectors.” |
Ransomware Threat Guideline | ★★ | |
|
2023-03-07 01:00:00 | African fintech giant Flutterwave denies reports that it was hacked (lien direct) |
One of Nigeria's most prominent startups is denying media reports that hackers stole millions of dollars from its platform.
On Sunday, the website Techpoint.africa [reported](https://techpoint.africa/2023/03/05/hackers-have-stolen-2-9-billion-from-flutterwave/) that about $6.3 million was stolen from the digital payments services startup Flutterwave. The fintech firm is typically used by small businesses to make and receive payments, and has raised nearly half a billion dollars in investor funding.
The outlet cited court filings from a purported Flutterwave lawyer requesting that more than 100 accounts at 27 financial institutions be frozen. In [a filing](https://www.scribd.com/document/629702409/Flutterwave-C-O-P-v-Access-Bank-26-Others-Ex-Parte-Motion) from February 19, the lawyer writes: “About two weeks ago … there was a breach of Our Client's internet security resulting to an account takeover by internet hackers.
“Before we could get the accounts frozen … some commercial banks allowed the monies to be moved to other beneficiary accounts thus widening the net of the culpable and fraudulent account holders.”
Flutterwave responded to reports of the breach on Sunday, [denying](https://www.google.com/url?q=https://flutterwave.com/gb/blog/statement-on-claims-regarding-flutterwaves-security&sa=D&source=docs&ust=1678154611282025&usg=AOvVaw355-A1SIbshQfKPFKxhnBK) that hackers had gained any access to the platform.
You may have recently heard some claims on Flutterwave's security. We want to assure you that Flutterwave has not been hacked, and no customer funds were lost.Thank you for choosing us Read more here: https://t.co/a27ZIy0w1k pic.twitter.com/o3KfChucJ9 |
★★★ | ||
|
2023-03-06 14:03:00 | Vice Society ransomware group claims German university as latest victim (lien direct) |
The Vice Society ransomware group added the Hamburg University of Applied Sciences (HAW Hamburg) to its leak site this weekend following an attack that the institution said took place late last year.
HAW Hamburg is one of several German-speaking institutions with a focus on applied sciences to be targeted by ransomware gangs in recent months.
In [a statement](https://www.haw-hamburg.de/fileadmin/PK/PDF/Infos_Art._34_DS-GVO_final.pdf) sent to all employees and students, the university said the attack was on December 29, describing a ransomware incident without using the term itself. The school has about 16,000 students.
“The attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage,” the statement explained.
“With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started,” it added.
The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses and mobile phone numbers.
Despite describing the compromised passwords as “cryptographically secured” the IT team recommended that students and staff change their passwords “for all internal university applications,” adding “in particular, change your password for Microsoft Teams and avoid using passwords that you have already used before.”
The university said it had to rebuild its IT systems, including the existing Microsoft cloud environment, and was “trying to restore a backup of the email data from the old mail server as of December 14.”
Following the attack, HAW Hamburg's IT security said it had “received several reports from students about attempts to log on to Internet portals such as Amazon and eBay by unauthorized third parties.”
“After reviewing all previous reports, and taking into account the attacker group's previous approach, it can be ruled out that the login attempts are related to the security incident at HAW Hamburg or the attacker group,” the team added.
Back in January the Vice Society ransomware group [claimed responsibility](https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/) for a November attack against the University of Duisburg-Essen in Germany.
Then in February the University of Zurich, Switzerland's largest university, announced it was the target of a “serious cyberattack,” which a spokesperson described to The Record as “part of a current accumulation of attacks on educational and health institutions.”
The week before, the [Harz University of Applied Sciences](https://www.n-tv.de/regionales/sachsen-anhalt/Hochschule-Harz-nach-digitalem-Angriff-offline-article23885755.html) in Saxony-Anhalt, [Ruhr West University](https://www.hochschule-ruhr-west.de/hrwoffline/), and the [EU/FH European University of Applied Sciences](https://www.eufh.de/hochschule/pressemitteilung) all announced being impacted by cyberattacks.
|
Ransomware Guideline Cloud | ★★ | |
|
2023-03-06 14:02:00 | Thousands of appointments canceled after ransomware hits major Barcelona hospital (lien direct) |
A ransomware attack on the city of Barcelona's main hospital has forced thousands of appointments to be canceled, officials announced Monday.
The Hospital Clinic de Barcelona was attacked Saturday, with computers across the institutions' numerous laboratories, clinics and emergency room shut down. Its website was unavailable on Monday.
Officials said that 150 non-urgent operations were canceled on Monday alongside up to 3,000 patient checkups, including radiotherapy visits, because staff can't access patients' clinical records, reported the [El País newspaper](link).
The Ransom House gang - which lists semiconductor company AMD as a previous victim, claiming to have sold data stolen by its "partners" - was responsible for the attack, according to the regional Catalonian Cybersecurity Agency. The gang itself claims on its leak site to “have nothing to do with any breaches” and doesn't “produce or use any ransomware.” It describes itself as a “professional mediators community.”
Segi Marcén, telecommunications secretary for the regional Catalonia government, said that no extortion demand had yet been received but that the hospital would not be making a ransom payment even if one was.
“We will not pay a cent,” Marcén said. Ransomware gangs typically threaten to release stolen data publicly if an extortion payment doesn't come by a certain deadline. As of Monday, nothing from the hospital was on Ransom House's leak site.
Marcén added that the regional government was “focusing on recovering the information” impacted by the attack, although it was not yet clear whether the hospital's data backups were also compromised, El País reported.
Staff at the hospital have been forced to write on paper and do not have access to electronic patient data-sharing systems. The facility's press department announced that urgent cases are being diverted to other hospitals.
“We can't make any prediction as to when the system will be back up to normal,” the hospital's director, Antoni Castells, told journalists, adding that there was a contingency plan to keep services functioning for several days although he hoped the system would be fixed sooner.
Tomàs Roy, the general director of the Catalan Cybersecurity Agency, said the attackers “have used new attack techniques,” but didn't specify what they were.
Recovering from the attack will be “gradual,” reported El País, as IT staff will need to ensure that systems aren't restored while the attackers maintain some access to the system. |
Ransomware | ★★ | |
|
2023-03-06 14:01:00 | Ransomware gang posts breast cancer patients\' clinical photographs (lien direct) |
The ALPHV ransomware group, also known as BlackCat, is attempting to extort a healthcare network in Pennsylvania by publishing photographs of breast cancer patients.
These clinical images, used by Lehigh Valley Health Network as part of radiotherapy to tackle malignant cells, were described as “nude photos” on the criminals' site.
Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the BlackCat gang, which it described as linked to Russia, and stated that it would not pay a ransom.
“Based on our initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. We take this very seriously and protecting the data security and privacy of our patients, physicians and staff is critical,” said the network's president and chief executive, Brian Nester.
Nester added that the incident involved “a computer system used for clinically appropriate patient images for radiation oncology treatment and other sensitive information.”
At the time of the original statement, Nester said Lehigh Valley Health Network's services - including a cancer institute and a children's hospital - were not affected.
However the network's website is currently inaccessible. The Record was unable to contact the network for further comment following its listing on the ALPHV [.onion](https://en.wikipedia.org/wiki/Tor_(network)) website.
Onlookers have been revolted by the attempt to leverage the sensitivities around cancer treatment and intimate images to extort the organization.
Max Smeets, an academic at ETH Zurich - a public research university - and the director of the European Cyber Conflict Research Initiative, [wrote](https://twitter.com/Maxwsmeets/status/1632654116320075776): “This makes me so angry. I hope these barbarians will be held accountable for their heinous actions.”
"A new low. This is sickening," [wrote](https://twitter.com/rj_chap/status/1632465294580133888) malware analyst Ryan Chapman, while Nicholas Carroll, a cybersecurity professional, [said](https://twitter.com/sloppy_bear/status/1632468646873165824) the gang was “trying to set new standards in despicable.”
ALPHV itself celebrated the attack and the attention it brought.
“Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business. Your time is running out. We are ready to unleash our full power on you!”
Numerous healthcare organizations have been attacked by ransomware gangs in recent months. The criminal industry persists because of victims who pay, sometimes because their businesses face an existential threat, and sometimes to avoid the negative publicity.
Medibank, one of Australia's largest health insurance providers, stated last November that it would not be making a [ransom payment](https://therecord.media/medibank-says-it-will-not-pay-ransom-in-hack-that-impacted-9-7-million-customers/) after hackers gained access to the data of 9.7 million current and former customers, including 1.8 million international customers living abroad.
The information included sensitive healthcare claims data for around 480,000 individuals, including information about drug addiction treatments and abortions. Outrage at the attack prompted the government to [consider banning](https://therecord.media/australia-to-consider-banning-ransomware-payments/) ransomware payments in a bid to undermine the industry.
Back in January, the hospital technology giant [NextGen Healthcare](https://therecord.media/electronic-health-record-giant-nextgen-dealing-with-cyberattack/) said it was responding to a cyberattack after ALPHV added the company to its list of victims. |
Ransomware Malware | ★★★ | |
|
2023-03-04 13:00:00 | A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war (lien direct) |  Last November, several Ukrainian organizations were targeted by a new type of ransomware called RansomBoggs. Its operators sent infected computers a ransom note written on behalf of James P. Sullivan - the main protagonist of the animated film Monsters, Inc. In the note Sullivan, whose job in the movie was to scare kids, asked for [… |
Ransomware | ★★★ | |
|
2023-03-03 20:56:38 | Chick-fil-A: 71,000 customers had financial information stolen during cyberattack (lien direct) |  Fast food giant Chick-fil-A said more than 71,000 of its customers had their financial information stolen from their website during a breach lasting from December to February. In documents filed with the attorney general offices of Maine, Montana and California, Chick-fil-A said it began an investigation after discovering “suspicious login activity” connected to an unknown [… |
★★ | ||
|
2023-03-03 19:57:24 | U.S. government warns of Royal ransomware attacks against critical infrastructure (lien direct) |  The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory Thursday warning vulnerable organizations of an increased threat posed by Royal ransomware. The guidance is the second warning the U.S. government has issued about Royal ransomware in recent months. In December, the U.S. Department of Health and Human Services (HHS) warned hospitals [… |
Ransomware Threat | ★★★ | |
|
2023-03-03 19:09:13 | Online travel giant says it was not compromised through recently-discovered vulnerability (lien direct) |  Online travel agency giant Booking.com said Friday that it was not compromised through a vulnerability on the platform that was recently discovered by researchers. Several publications on Thursday reported that researchers from Salt Security said they found several critical security flaws on Booking.com and its sister company Kayak. The flaws involved the tool that allows [… |
Tool Vulnerability | ★★★ | |
|
2023-03-03 17:16:28 | Cybercrime site shows off with a free leak of 2 million stolen card numbers (lien direct) |  A recent payment-card leak by the dark web shop BidenCash might be mostly a marketing ploy, experts say, but there are still dangers |
★★ | ||
|
2023-03-03 17:11:07 | Oakland officials say ransomware group may release personal data on Saturday (lien direct) |  The government of Oakland acknowledged on Friday that the ransomware group responsible for the cyberattack on city systems is planning to publish the information it stole. On Thursday evening, the Play ransomware group said it was behind the wide-ranging attack, writing on its leak site that it planned to publish sensitive stolen data on Saturday. [… |
Ransomware | ★★ | |
|
2023-03-03 16:00:03 | EPA takes steps to address cybersecurity weaknesses at water utilities (lien direct) |  The U.S. Environmental Protection Agency (EPA) is asking states to include cybersecurity in its audits of public water systems in a measure designed to address a spate of attacks on the sector. In a memorandum released Friday, EPA officials said several public water systems have not adopted even basic cybersecurity best practices - leaving them [… |
★★★ | ||
|
2023-03-02 20:51:38 | Poland blames Russian hackers for cyberattack on tax service website (lien direct) |  Poland’s tax service website was hit by a cyberattack believed to have been carried out by Russian hackers, according to the country's top cybersecurity official. The distributed denial-of-service (DDoS) attack occurred on Tuesday, causing the website to crash for approximately one hour and blocking users’ access to the online tax filing system. In an interview [… |
★★★ | ||
|
2023-03-02 20:29:15 | Tennessee State, Southeastern Louisiana universities hit with cyberattacks (lien direct) |  Tennessee State and Southeastern Louisiana are struggling with cyberattacks that have crippled campus services |
★★ | ||
|
2023-03-02 19:21:33 | In mixed response to White House cyber strategy, House Republicans focus on regulations (lien direct) |  Republican leaders on the House Homeland Security Committee questioned the White House’s desire for more cyber regulations after the release of the National Cybersecurity Strategy on Thursday. Committee Chairman Mark Green and Cybersecurity Subcommittee Chairman Andrew Garbarino did praise aspects of the plan, namely the focus on threats from Russia and China as well as [… |
Guideline | ★★ | |
|
2023-03-02 19:02:16 | A key post-quantum algorithm may be vulnerable to side-channel attacks (lien direct) |  As companies and governments around the world work on creating usable quantum computers, security researchers are also devising ways to protect data once those machines are available. Quantum computers have the potential to crack the cryptographic algorithms in use today, which is why “post-quantum” cryptographic algorithms are designed to be so strong that they can [… |
★★★ | ||
|
2023-03-02 17:03:07 | Secret Service, ICE carried out illegal stingray surveillance, government watchdog says (lien direct) |  U.S. federal agencies failed to secure required court orders to conduct phone tracking surveillance, according to a recently redacted memorandum from a government watchdog. The report, written by the Office of the Inspector General (OIG) and dated February 23, provided details of an audit of the use of cell-site simulators (CSS) - a law enforcement [… |
Legislation | ★★★ | |
|
2023-03-02 12:59:55 | Retailer WH Smith reports cyberattack, says employee data compromised (lien direct) |  U.K.-based retailer WH Smith told regulators that a cyberattack exposed data of current and former employees |
★★ | ||
|
2023-03-02 11:31:26 | National Cyber Strategy to push mandatory regulations, more offensive cyber action (lien direct) |  The White House unveiled its long-awaited National Cybersecurity Strategy on Thursday, laying out a holistic approach to improving digital security across the country. The plan is built around five basic pillars: Minimum cybersecurity requirements for critical infrastructure; Offensive cyber actions against hackers and nation states; Shifting liability onto software manufacturers; Diversifying and expanding the cyber [… |
★★ | ||
|
2023-03-01 20:46:22 | Canadian book giant says employee data was stolen during ransomware attack (lien direct) |  Toronto-based Indigo now says that employee data was accessed in a ransomware incident last month. The LockBit gang claims it was the perpetrator |
Ransomware | ★★ | |
|
2023-03-01 20:31:43 | How Cambodia-based scammers made an estimated $3 million in \'pig butchering\' scheme (lien direct) |  Last October, Sean Gallagher received an unexpected text message from a young Malaysian woman calling herself Harley. She said she ran a wine business in Vancouver that was struggling due to the COVID-19 pandemic, and as a result Harley learned how to make money through cryptocurrency trading. She was willing to share her secrets, she [… |
★★★ | ||
|
2023-03-01 18:56:46 | Washington state public bus system confirms ransomware attack (lien direct) |  Pierce Transit, which serves the Tacoma area, said a ransomware attack disrupted systems and necessitated some temporary workarounds |
Ransomware | ★★ | |
|
2023-03-01 13:17:45 | Streaming service Plex unaware \'of any unpatched vulnerabilities\' following LastPass report (lien direct) |  Plex defended the security of its software after reports said it allowed hackers to get a foothold in a LastPass employee's computer |
LastPass | ★★★ | |
|
2023-03-01 00:34:26 | Victims of MortalKombat ransomware can now decrypt their locked files for free (lien direct) |  Cybersecurity firm Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023. The malware has been used on dozens of victims across the U.S., United Kingdom, Turkey and the Philippines, according to a recent report from Cisco. Bogdan Botezatu, director of threat research and reporting [… |
Ransomware Malware Threat | ★★ | |
|
2023-02-28 21:26:32 | US Marshals Service becomes latest law enforcement agency hit by hackers (lien direct) |  The U.S. Marshals Service said it was struck by ransomware last week in an attack that affected systems holding sensitive law enforcement data and personally identifiable information related to several suspects. U.S. Marshals Service spokesperson Drew Wade told NBC News late on Monday evening that after consulting with senior officials at the agency, it was [… |
Ransomware | ★★ | |
|
2023-02-28 19:33:29 | Ukraine\'s drone whisperers: What the weapons are telling us (lien direct) |  Drones have played an outsized role in the conflict in Ukraine – surveilling territory, dropping bombs, and crashing into buildings. Russia launched some 600 drones in the last three months of 2022, according to estimates from the Ukrainian consultancy Molfar. When the drones fall, or are shot down, Ukrainian forces retrieve them and hand them [… |
★★★ | ||
|
2023-02-28 19:30:30 | Senior DOJ official warns lapse of surveillance law would harm cyber investigations (lien direct) |  Assistant Attorney General Matthew Olsen joined the White House in urging Congress to renew a controversial internet surveillance program |
★★★ | ||
|
2023-02-28 19:30:13 | DISH tells SEC that ransomware attack caused outages; personal info may have been stolen (lien direct) |  Satellite broadcast giant DISH told the SEC on Tuesday that a ransomware attack is what caused “system issues” that occurred over the weekend. In an 8-K form filing, DISH confirmed rumors that they had been hit with ransomware, warning that on Monday they became aware that “certain data was extracted from the Corporation's IT systems [… |
Ransomware | ★★★ | |
|
2023-02-28 18:27:23 | CISA red-teamed a \'large critical infrastructure organization\' and didn\'t get caught (lien direct) | CISA is reporting what it learned when its hackers were invited to break into a critical infrastructure organization's network. |
★★★ | ||
|
2023-02-28 13:50:41 | LastPass says attacker hacked employee\'s home computer to access corporate vault (lien direct) |  Password management service LastPass now says a well-publicized 2022 incident stemmed from an intrusion on one engineer's home computer |
LastPass | ★★★ | |
|
2023-02-27 20:46:33 | Minneapolis Public Schools still investigating what caused \'encryption event\' (lien direct) |  Thousands of students in Minneapolis returned to school on Monday after a ransomware attack crippled the school's systems all of last week |
Ransomware | ★★ | |
|
2023-02-27 20:04:31 | More trouble from an APT with Colombia and Ecuador on its mind (lien direct) |  The advanced persistent threat (APT) group known as Blind Eagle or APT-C-36 continues to phish with official-looking PDFs, researchers say |
Threat | APT-C-36 | ★★★ |
|
2023-02-27 19:01:20 | Tech manufacturers are leaving the door open for Chinese hacking, Easterly warns (lien direct) |  The head of the Cybersecurity and Infrastructure Security Agency warned Monday of potentially dire consequences if technology manufacturers fail to bolster the security of their products, in a blistering speech about the dangers posed in cyberspace by China. Technology providers have “normalized the deviant behavior of operating at the bleeding edge of the accident boundary,” [… |
★★★ | ||
|
2023-02-27 15:24:27 | DISH says \'system issue\' affecting internal servers, phone systems (lien direct) |  Satellite broadcast giant DISH said a “systems issue” with its corporate network was affecting several services after customers noticed that the company website and multiple subsidiaries were experiencing problems. In addition to trouble accessing DISH websites and customer service channels, some customers said they could not log into certain channels using their DISH login information. [… |
★★★ | ||
|
2023-02-27 12:42:51 | Danish hospitals hit by cyberattack from \'Anonymous Sudan\' (lien direct) |  The websites of nine hospitals in Denmark went offline on Sunday evening following distributed-denial-of-service (DDoS) attacks from a group calling itself Anonymous Sudan. Copenhagen's health authority said on Twitter that although the websites for the hospitals were down, medical care at the facilities was unaffected by the attacks. It later added the sites were back [… |
Medical | ★★ | |
|
2023-02-27 00:53:30 | \'Limited number\' of News Corp employees sent breach notification letters after January cyberattack (lien direct) |  Employees of News Corp are being sent breach notification letters this week following a January 2022 breach that the company believes the Chinese government was behind. On Wednesday, News Corp submitted documents to Massachusetts confirming the breach. A News Corp spokesperson would not tell The Record how many people were sent letters but at least [… |
★★ | ||
|
2023-02-25 00:42:12 | DNA Diagnostics Center to pay $400,000 fine for 2021 data breach (lien direct) |  One of the largest commercial DNA testing companies in the world agreed to pay a $400,000 fine to Ohio and Pennsylvania after a 2021 data breach compromised the information of more than 2 million people. The announcement from DNA Diagnostics Center (DDC) comes after a lawsuit filed by the two states’ attorneys general accused the [… |
Data Breach | ★★★ | |
|
2023-02-24 21:41:36 | Smuggler provided sensitive US tech to Russian, N. Korean governments, prosecutors say (lien direct) |  Ilya Balakaev worked on behalf of the FSB intelligence agency to bring U.S. counterintelligence tech into Russia, according to an indictment |
General Information | ★★★ | |
|
2023-02-24 20:37:32 | Treasury Department hits Russian disinformation operators with sanctions (lien direct) |  The Treasury Department announced a swath of sanctions on Russian companies and individuals on Friday, including a handful of entities connected to cybersecurity and disinformation operations with links to Russia's intelligence services. The move by the Office of Foreign Assets Control especially targets Russia's mining and minerals sector, but also goes after a range of [… |
★★★ | ||
|
2023-02-24 17:24:24 | Oakland says 311, business license systems still down, but National Guard is helping (lien direct) |  IT experts from the California National Guard and other state agencies are helping Oakland deal with a crippling ransomware attack |
Ransomware | ★★★ | |
|
2023-02-24 16:16:13 | Ohio\'s largest oil producer says \'no impact\' seen after cyberattack (lien direct) |  Encino Energy, which is based in Houston and has a large operation in Ohio, said a recent cyberattack was remediated after it was discovered |
★★★ | ||
|
2023-02-23 21:57:12 | Russian accused of developing password-cracking tool extradited to US (lien direct) |  A 28-year-old Russian malware developer was extradited to the U.S. where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool. Dariy Pankov, also known as “dpxaker,” developed what the Department of Justice called “powerful” password-cracking program that he marketed and sold to other cybercriminals for a [… |
Malware Tool | ★★ | |
|
2023-02-23 21:30:23 | Popular IBM file transfer tool vulnerable to cyberattacks, CISA says (lien direct) |  A vulnerability in the IBM Aspera Faspex file transfer tool is actively being exploited by malicious hackers, CISA says |
Tool Vulnerability | ★★ | |
|
2023-02-23 20:46:30 | Google bug bounty program paid a record $12 million last year (lien direct) |  Cybersecurity researchers from 68 countries reported more than 2,900 vulnerabilities to Google's bug bounty program in 2023 |
★★ | ||
|
2023-02-23 19:31:29 | Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (lien direct) |  What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says |
Studies | ★★★★ | |
|
2023-02-23 19:02:13 | Hackers use ChatGPT phishing websites to infect users with malware (lien direct) |  Cyble says cybercriminals are setting up phishing websites that mimic the branding of ChatGPT, an AI tool that has exploded in popularity |
Malware Tool | ChatGPT | ★★★ |
|
2023-02-23 18:00:41 | UK military intelligence team wins Western Europe\'s \'largest cyber warfare exercise\' held in Estonia (lien direct) |  A team from British military intelligence placed first at a cyber warfare exercise described as “Western Europe's largest” hosted at the CR14 cyber range in Estonia, the Ministry of Defence (MoD) announced this week. The exercise, titled Defence Cyber Marvel 2 (DCM2), was organized by the British Army and featured 34 teams from 11 countries, [… |
★★★ | ||
|
2023-02-23 15:18:46 | Russians accused of using DeFi platform for $340 million Ponzi scheme (lien direct) |  Four Russian nationals were indicted for allegedly creating Forsage - a decentralized finance (DeFi) platform - as a Ponzi scheme |
★ |
To see everything:
Our RSS (filtrered)
