Why would an organization whose breach affected 150 people pay $1 million ransom to get a decryptor key? How critical are the organization’s activities to justify such a large payment? Large payments are more likely to be associated with the healthcare sector or critical infrastructure than with a non-profit organization like the American Radio Relay […]
Halliburton is a major player in oil and gas supplies. A cyberattack resulted in its taking systems offline. CNN reports: Halliburton confirmed on Friday that it was hit by a cyberattack that forced the major oilfield services company to take systems offline. In a filing, Halliburton said it became aware on Wednesday that an “unauthorized third […]
If you don’t audit your vendors, will you know if they are really adhering to the security provisions of your contract with them? Maybe you’ll get lucky, and disgruntled employees will blow the whistle. The Register reports: The US is suing one of its leading research universities over a litany of alleged failures to meet […]
From the Cleveland FBI: On August 12, FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Since its inception in August 2023, Radar/Dispossessor has quickly developed […]
The BBC reports: The FBI has opened an investigation into allegations from the Trump campaign that it was targeted by hackers working for the Iranian government. “We can confirm the FBI is investigating the matter,” the agency said in a short statement on Monday without specifically naming the former president or Iran. A Trump campaign […]
Here we go again with foreign interference in our national election? Maybe. Politico reports: Former President Donald Trump’s campaign said Saturday that some of its internal communications had been hacked. The acknowledgment came after POLITICO began receiving emails from an anonymous account with documents from inside Trump’s operation. The campaign blamed “foreign sources hostile to […]
If verified, one of the largest breaches ever of personal information of Americans, Canadians, and UK persons went up for sale on a hacking forum on April 7. While researchers and analysts watched and started investigating the listing, the background checks firm allegedly responsible for the data remained silent, neither confirming nor refuting the claimed […]
The 2022 ransomware attack on Advanced, a National Health Service (NHS) vendor, was devastating to patient care. Now the U.K.’s Information Commissioner’s Office has indicated it plans to impose a substantial fine on the vendor. TechCrunch reports: U.K. data protection authorities have issued a provisional fine of more than £6 million to NHS vendor Advanced […]
Unknown threat actors have been putting Americans’ lives in danger this week. First there was a ransomware attack on OneBlood, a non-profit blood donation center that supplies blood to hospitals throughout southeastern US. Then there was a disruptive attack on the 911 dispatch system for central Texas. Those responsible for the two attacks have not […]
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments – Researchers
Researchers at Palo Alto Network have reported a serious risk to organizations using cloud services that may result in an organization’s files being deleted and held for ransom. The risk is not due to any vulnerability with the cloud services themselves. The risk is due to the victim organizations misconfiguring their settings and inadvertently exposing […]