Collaborate Disseminate
A snippet from another great read by WIRED: After a typical sleepless night at his keyboard, 19-year-old Josiah White sat staring at the three flatscreen monitors he’d set up on a workbench in a messy basement storage area connected to the bedroom he s… Continue reading The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story
Chris Riotta reports: Hackers potentially linked to the Russian GRU Main Intelligence Directorate carried out a series of highly coordinated cyberattacks targeting Danish critical infrastructure in the nation’s largest cyber incident on record, a… Continue reading Denmark Hit With Largest Cyberattack on Record
James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require ge… Continue reading New York Plans Cyber Rules for Hospitals
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very seriously are generally not being transparent in their breach disclosures. Their refusal to b… Continue reading If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures
Brian Krebs reports: In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a… Continue reading It’s Still Easy for Anyone to Become You at Experian
It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated. In an introductory post today on Breach Forums, they write… Continue reading Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools
Josh Taylor reports a win for transparency: Optus has lost a bid in the federal court to keep secret a report on the cause of the 2022 cyber-attack – which resulted in the personal information of about 10 million customers being exposed – after a judge… Continue reading Optus loses court bid to keep report into cause of cyber-attack secret
An interesting press release from the South East Regional Organised Crime Unit (SEROCU): Around £1.9 million worth of stolen cryptocurrency is to be paid back to victims of theft as a result of work by the South East Regional Organised Crime Unit (SERO… Continue reading UK: Nearly £2 million of stolen cryptocurrency to be paid back to victims
Team Huntress writes: In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor activity against multiple healthc… Continue reading Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) at… Continue reading MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)