CSO Online reports: In late February, healthcare organizations across the US started receiving extortion demands by mail claiming that their organization’s data had been stolen in a ransomware attack and giving them 10 days to respond. According to the letters, printed on paper and delivered in envelopes purporting to be from the BianLian ransomware group, […]
ABC News reports that the Department of Justice has announced indictments against 12 Chinese nationals involved in cyberespionage in U.S. v. Wu Haibo et al., U.S. v. Yin Kecheng, U.S. v. Zhou Shuai et al.: Twelve Chinese nationals, including mercenary hackers, law enforcement officers and employees of a private hacking company, have been charged in connection with global […]
Dark Reading reports: Qilin, a Russian-speaking cybercrime group, has claimed responsibility for the cyberattack that impacted Lee Enterprises’ operations in early February. Lee Enterprises is one of the largest newspaper groups in the US, with publications in 72 markets, including The Buffalo News, Omaha World-Herald, and the Richmond Times-Dispatch. It filed a report last month with the SEC […]
If you thought your small or medium-sized business isn’t on any criminals’ radar, think again. Forbes reports: It’s all too easy to fall into the trap of thinking that large business targets are the ones that need to worry about being attacked, be that by way of ransomware, infostealers or phishing. The truth, however, is that hackers will look […]
Politico reports that a former IRS contractor in prison for leaking data actually leaked even more taxpayers’ information than had previously been disclosed: The IRS told House Republicans this month that a former contractor leaked the private data of more than 400,000 taxpayers, nearly six times higher than originally thought. Doug O’Donnell, the acting IRS commissioner, told […]
DataBreaches.net reports than an updated incident report filed by DISA Global Solutions leaves a number of questions unanswered: Read more at DataBreaches.net
PCMag reports that hackers managed to pull off the largest cryptocurrency heist in history, looting an estimated $1.4 billion from the Bybit exchange: The hackers compromised an offline “cold wallet” that stored Ethereum, stealing the 400,000 in ETH on Friday morning, Bybit CEO Ben Zhou told users in a live stream. During the incident, the cold […]
The Los Angeles Times reports: A celebrity Beverly Hills plastic surgeon, who has appeared on television shows including “Botched” and “The Doctors,” is being sued by patients who allege that their nude photos were published online after he was hacked — twice — and that he waited months to inform them of the data breaches. […]
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following the receipt of a breach […]
China-linked APT Silk Typhoon targets IT Supply Chain
Microsoft warns that China-backed APT Silk Typhoon, which was linked to the US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Security Affairs reports: Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps […]