Collaborate Disseminate
Executive Summary Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, st… Continue reading CISA: Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report
HHS Health Center Cybersecurity Center (HC3) has published a new informational handout and guidance on multi-factor authentication (MFA) and smishing. It includes statistics and suggestions for dealing with common obstacles to implementation. Access t… Continue reading HHS HC3: Multi-Factor Authentication & Smishing
From Interpol, this week: SINGAPORE – A notorious ‘phishing-as-a-service’ (PaaS) platform known as ‘16shop’ has been shut down in a global investigation coordinated by INTERPOL, with Indonesian authorities arresting its operator and one of its fa… Continue reading Notorious phishing platform shut down, arrests in international police operation
Joseph J. Lazzarotti of JacksonLewis writes: In a 2019 post about increasing cyber risks in K-12 schools, we cited a report, “The State of K-12 Cybersecurity: 2018 Year in Review,” that contained sobering information about cybersecurity in local school… Continue reading White House Announces Efforts to Strengthen K-12 Schools’ Cybersecurity
August 4, 2023 TLP:CLEAR Report: 202308041500 Executive Summary Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ net… Continue reading HC3: Sector Alert: Rhysida Ransomware
Iolanda Chaves reports (machine translated): SESARAM has just issued a statement confirming the occurrence of a “deliberate and malicious cyberattack with the sole objective of causing damage and disrupting the normal functioning of the Regional … Continue reading Pt: SESARAM confirms cyberattack on region’s health service, suspends non-urgent activity Monday
Eric Geller reports: The Biden administration will host a gathering on Monday to shine a spotlight on a community that urgently needs cybersecurity aid: America’s K-12 schools. School leaders, federal officials and technology executives will convene at… Continue reading Biden Administration Launches Effort To Defend Schools From Hackers
Micaela McMurrough and Caleb Skeath of Covington & Burling write: Following up on the recent release by the New York Department of Financial Services (“NYDFS”) of an updated proposed second amendment to its “first-in-the-nation” Cybersecurity Regul… Continue reading Proposed Second Amendment to NYDFS Cybersecurity Regulations: Comments Due August 14
Harold Brubaker reports: Computer systems at Delaware County’s Crozer Health were offline Thursday after a ransomware attack on the health system’s owner, Prospect Medical Holdings Inc., the company said. “We have experienced a ransomware attack that i… Continue reading Crozer Health’s computer systems were knocked offline Thursday by a ransomware attack
Talia Weiner reports: The Township of Montclair’s insurer negotiated a settlement of $450,000 with the people behind a recent “cyber incident” in order to end the attack, a report says. […] “To guard against future incidents, the township has ins… Continue reading Cyber attack on Montclair Township led to $450K ransom payment