LATEST POST
Attack on TeamViewer did not reach production environment or customer data
On June 27, TeamViewer issued a statement stating that it had detected an irregularity in its internal corporate environment. The statement emphasized that the internal corporate environment is completely independent from its product environment. An update issued on June 28 stated that current findings pointed to an attack tied to the credentials of a standard […]
Lurie Children’s Hospital ransomware incident affected more than 791K people
In late January, Lurie Children’s Hospital took its phones, email, electronic health records system, and patient portal offline to deal with a ransomware attack. As a result, some patient care was disrupted or delayed. The hospital would not meet the threat actor’s demands for more than $3 million, and it wasn’t until a month later […]
Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack
Yet another ransomware group is causing major damage and headaches. Bleeping Computer has a helpful write-up on Brain Cipher. It begins: The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia’s temporary National Data Center. Indonesia is building out National Data Centers to securely store […]
FTC Defends Investigation Into Cyberattack on MGM as Casino Giant Seeks to Block Probe
Occasionally, a business giant with the funds to fight the government will challenge a federal agency’s enforcement action. This time, it is MGM taking on the FTC. Law.com reports: The Federal Trade Commission this week defended its investigation of MGM Resort International’s data security practices as the Las Vegas-based casino is seeking a court order […]
Another MOVEit vulnerability: PATCH immediately!
Once again, threat actors are jumping to exploit a newly identified vulnerability in Progress MOVEit Transfer software. As Bleeping Computer reports, exploit attempts were noted less than 24 hours after the vendor disclosed the vulnerability. The new security issue received the identifier CVE-2024-5806 and allows attackers to bypass the authentication process in the Secure File Transfer Protocol […]
Chinese hackers are increasingly deploying ransomware – researchers
Researchers at Sentinel Labs and Recorded Future report that Chinese-linked cyberespionage campaigns are increasingly deploying ransomware. CyberScoop reports that their research suggests that ransomware is reportedly used in the final stage of cyberespionage operations to either make money, distract adversaries, or make it more difficult to attribute their work: The report that Chinese hackers are […]
Los Angeles County says 25 departments affected by February phishing incident
No matter how many warnings are issued and how many times employees may be trained to avoid phishing attacks, some will fall for it. But 25 departments of a county government? Was this a failure of training or are the phishing attacks getting harder to detect because of the use of AI to compose the […]
Supreme Court Restricts Ability of Federal Agencies To Issue Fines
The Supreme Court issued a decision today that could limit federal agencies attempting to impose fines for data security violations or breaches. Although the decision in Securities and Exchange Commission v. Jarkesy did not involve data security or a data breach, the issue before the court involved the agency’s authority to charge someone with a violation […]