Collaborate Disseminate
On October 23, the Personal Data Protection Commission of Singapore issued three undertakings with the follow statement: The new Undertakings reveals breaches stemming from various ransomware attacks due to the insufficient security IT measures impleme… Continue reading Personal Data Protection Commission of Singapore issues three undertakings stemming from ransomware attacks
Washington D.C., Oct. 22, 2024 — The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially mi… Continue reading SEC Charges Four Companies With Misleading Cyber Disclosures
On June 12, BreachForums reappeared on clearnet and Tor. The owner — or someone with access to the forum owner’s account — interacted a bit in the ShoutBox and posted an announcement: Hello BreachForums users! Some wild stuff has gone… Continue reading BreachForums back online — or it is a honeypot? (UPDATED)
Posted June 12 on Ascension’s website: “We have made progress in our investigation and recovery with the help of third-party cybersecurity experts. At this point, we now have evidence that indicates that the attackers were able to take files fro… Continue reading Ascension Cybersecurity Event Update
Analyst1 has published a report on RansomHouse: RansomHouse: Stolen Data Market, Influence Operations & Other Tricks Up the Sleeve. The Executive Summary of the report by Anastasia Sentsova begins: This research aims to identify connections between… Continue reading RansomHouse: investigation and findings by Analyst1
Adventist Health Tulare has issued a press release about a breach at a business associate in Nebraska. The June 7 press release states, “A data security incident was recently discovered by Signature Performance, an agency working on behalf of Adv… Continue reading 70,000 Adventist Health Tulare patients being notified of HIPAA breach by payment collections associate
Zack Whittaker reports: Snowflake’s security problems following a recent spate of customer data thefts are, for want of a better word, snowballing. After Ticketmaster was the first company to link its recent data breach to the cloud data company Snowfl… Continue reading What Snowflake isn’t saying about its customer data breaches
What happens when threat actors leak data on the dark web but the victim entity doesn’t access it in time to figure out what was leaked? That’s what happened to PruittHealth in Georgia last year. How many people are they notifying because t… Continue reading PruittHealth was hacked back in November. Here’s what we STILL don’t know.
May 30, 2024 HC3: Analyst Note TLP:CLEAR Report: 20240530120 Executive Summary A Distributed-Denial-of-Service (DDoS) attack is a type of cyber attack in which an attacker uses multiple systems, often referred to as a botnet, to send a high volume of t… Continue reading HC3: Analyst Note: Healthcare Sector DDoS Guide
Jai Vijayan reports: In recent attacks involving the ominously growing RansomHub ransomware, attackers have exploited the so-called ZeroLogon flaw in the Windows Netlogon Remote Protocol from 2020 (CVE-2020-1472) to gain initial access to a victim̵… Continue reading RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks