SecurityWeek
Ardent Hospitals Diverting Patients Following Ransomware Attack
Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations.
Bleeping Computer
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.
Bleeping Computer
Ukraine says it hacked Russian aviation agency, leaks data
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
SecurityWeek
Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption
Healthcare solutions giant Henry Schein is once again restoring systems after ransomware group claims it re-encrypted files.
SecurityWeek
Fidelity National Financial Takes Down Systems Following Cyberattack
Fidelity National Financial is experiencing service disruptions after systems were taken down to contain a cyberattack.
The Record
Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group
A water authority in Pennsylvania reportedly suffered a cyberattack, prompting officials to reassure people in the area that drinking water has not been affected by the incident.
The Record
Notorious ransomware gang takes credit for cyberattack on Fidelity National Financial
The AlphV/Black Cat group claimed it breached Fidelity National Financial, a Fortune 500 provider of title insurance for property sales.
The Record
KyberSwap says $54.7 million of user cryptocurrency stolen during attack
The cryptocurrency platform KyberSwap said on Friday that around $54 million worth of cryptocurrency was stolen during a cyberattack announced earlier in the week.
The Record
Multiple hospitals divert ambulances after ransomware attack on parent company
Ardent Health Services confirmed that it was responding to an incident. Hospitals in Texas, Idaho, Oklahoma, New Mexico and New Jersey reported problems over several days.
The Record
Suspected Hamas-linked hackers target Israel with new version of SysJoker malware
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
The Record
Ukraine claims cyber operation against Russian aviation agency
Ukraine's defense intelligence directorate reported that it had completed a “complex special operation in cyberspace” against Rosaviatsia, which oversees Russian civil aviation.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data.
Bleeping Computer
Cyberattack on IT provider CTS impacts dozens of UK law firms
A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday.
SecurityWeek
In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
The Record
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS
The managed service provider CTS confirmed it had experienced a "cyber-incident." At least one report said the CitrixBleed bug was involved.
The Record
Canada’s privacy watchdog investigating hack affecting military and RCMP personnel
Two contractors that provide relocation services for personnel informed the Canadian government of the breach in October.
The Record
Vanderbilt University Medical Center investigating cybersecurity incident
Vanderbilt University Medical Center said it is investigating a cybersecurity incident that led to the compromise of a database.
The Record
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
A decade after its founding, the internet freedom organization Roskomsvoboda finds itself adjusting to harsh political and social realities within Russia, where a wartime regime continues to expand its authority over the internet.
Security Affairs
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack
CSO
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
Cyberattacks have grown in frequency as well as sophistication as the Israel-Hamas conflict intensifies.
The Record
Kansas Supreme Court: Hackers stole records, confidential files in October attack
Hackers who attacked the Kansas court system last month stole records and confidential files, according to the state's Supreme Court.
Bleeping Computer
Kansas courts confirm data theft, ransom demand after cyberattack
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
SecurityWeek
Kansas Officials Blame 5-Week Disruption of Court System on ‘Sophisticated Foreign Cyberattack’
Kansas court system said it would take several weeks to return to normal operations after a disruptive ransomware attack hit its systems.
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
CSO
Flaw in Citrix software led to the recent cyberattack on Boeing: Report
Malicious elements, including LockBit 3.0, managed to exploit vulnerabilities in Citrix software even after they were fixed.
The Record
Cyberattackers leaked data of 27,000 NYC Bar Association membersers
The Clop ransomware gang claimed to have attacked the organization in January. Eleven months later, the New York City Bar Association has finally acknowledged the incident.
Bleeping Computer
Hacktivists breach U.S. nuclear research lab, steal employee data
The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online.
SecurityWeek
Canadian Military, Police Impacted by Data Breach at Moving Companies
Data breaches at two moving companies impacts Canadian government employees, and military and police personnel.
SecurityWeek
Sumo Logic Completes Investigation Into Recent Security Breach
Sumo Logic has completed its investigation into the recent security breach and found no evidence of impact to customer data.
CyberNews
US nuclear lab confirms data breach
Attackers claim to have breached the Idaho National Laboratory, a nuclear facility.
CyberNews
AutoZone adds itself to MOVEit victim list
US automotive parts giant says up to nearly 185,000 people may have been affected by cyberattack earlier this year.
CSO
MOVEit carnage continues with over 2600 organizations and 77M people impacted so far
The number of companies impacted by one of the biggest cyberattack incidents of the year continues to grow.
The Record
Crypto firm Kronos Research says $26 million stolen after cyberattack
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack.
Bleeping Computer
Cybersecurity firm executive pleads guilty to hacking hospitals
The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business.
Security Affairs
Rhysida ransomware gang is auctioning data stolen from the British Library
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage.
Bleeping Computer
Rhysida ransomware gang claims British Library cyberattack
The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage.
CyberSecurity Dive
‘Honesty’: Estes details its playbook for responding to a cyberattack
Being open about the incident engendered goodwill from customers and colleagues, executives said.
CyberNews
Canadian Armed Forces, Mounties exposed in data breach
Members of the Canadian Armed Forces members, public servans, Mounties were exposed in a massive data breach.
The Record
Greater Paris wastewater agency dealing with cyberattack
The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack last week.
The Record
Personal info of Canadian Armed Forces, RCMP stolen in cyberattack
A cyberattack on the systems of a Canadian government contractor used for relocation services has compromised data belonging to service members and the Royal Canadian Mounted Police.
The Record
Nearly 9 million patients' records compromised in data breach
The attack on a medical transcription company is one of the worst healthcare-related data breaches in recent years, according to U.S. Department of Health and Human Services records.
The Record
British Library says ransomware hackers stole data from HR files
The British Library — one of the largest libraries in the world and the national library of the United Kingdom — said the ransomware gang behind a recent attack on its systems appeared to leak data stolen from its human resources files.
The Record
In recent interview, ousted Ukrainian cyber official spoke about new Russian attacks, long-term plans
Ukraine's anti-corruption agency sent shockwaves through the country's cybersecurity agencies on Monday morning, when it announced that it had launched an investigation into the procurement practices of a handful of its top cyber officials.
Jule-Nisserne
Mystisk Netværksangreb Lammer Julegavefabrikken
Et omfattende cyberattack har forårsaget et produktionsstop i Julenissernes Julegavefabrik, hvilket skabte kaos op til julen 2023. Grumme panda er mistænkt.
Bleeping Computer
The Week in Ransomware - November 17th 2023 - Citrix in the Crosshairs
Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files.
CyberNews
Systems East attackers steal 209K encrypted payment cards
Systems East attacker stole thousands of encrypted payment cards.
SecurityWeek
CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack
Toyota Financial Services has been hit by a ransomware attack that may have involved exploitation of the CitrixBleed vulnerability.
CyberNews
City of Long Beach declares local emergency after cyberattack
The City of Long Beach, California declares a Local Emergency after a 'network security incident' on November 14th, forcing the city to shut down some systems..
Ars Technica
Ransomware group reports victim it breached to SEC regulators
Group tells SEC that the victim is in violation for not reporting it was hacked.
The Record
Multiple colleges, K-12 schools facing outages after cyberattacks
North Carolina Central University is investigating a cyberattack this week, as are school districts in Michigan, Oregon and Atlanta.
The Record
Russian analysts point finger at China, North Korea over cyber activity
Despite the countries' warm relationship, Russia is being targeted by North Korean and Chinese state hacking groups, a cybersecurity firm connected to Rostelecom claims.
The Record
Yamaha and WellLife Network confirm cyber incidents after ransomware gang claims attacks
A ransomware group that has been exploiting a vulnerability in Citrix products posted both companies to its leak site.
Bleeping Computer
Long Beach, California turns off IT systems after cyberattack
The City of Long Beach in California is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread.
CyberSecurity Dive
Clorox CISO departs months after cyberattack
The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings.
CyberNews
Toyota Financial Services attack claimed by Medusa ransomware
Toyota Financial Services suffered a cyberattack with Medusa ransomware claiming the breach.
CyberNews
Samsung notifies UK store customers of data breach
Samsung Electronics, a South Korean multinational tech corporation, has notified some of its customers of a data breach that exposed their personal data to a hacker.
The Hacker News
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
Denmark's energy sector hit by massive cyberattack! In May 2023, 22 Danish energy sector companies were simultaneously targeted.
Bleeping Computer
Ransomware gang files SEC complaint over victim’s undisclosed breach
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack.
The Record
Toyota recovering from cyberattack on its financial services division
The company acknowledged the cyberattack hours after the Medusa ransomware gang claimed to have stolen data from Toyota Financial Services.
The Record
MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC
Ransomware group AlphV claimed on its leak site that it reported MeridianLink to the Securities and Exchange Commission (SEC) for not informing the regulator of a cyberattack.
The Record
FTC targets telecom provider for inmates after massive data breach
The federal agency wants Virginia-based Global Tel*Link Corp. to improve its security practices and incident reporting policies.
The Record
Customs and Border Protection acquired ‘huge amount of surveillance power’
LexisNexis Risk Solutions provided CBP with capabilities such as collecting geolocation data, monitoring social media accounts and tracking cell phone call histories for non-U.S. and U.S. residents alike, according to documents obtained by an advocacy group.
Bleeping Computer
Samsung hit by new data breach impacting UK store customers
Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual.
Bleeping Computer
New Samsung data breach impacts UK store customers
Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual.
Bleeping Computer
PJ&A says cyberattack exposed data of nearly 9 million patients
PJ&A (Perry Johnson & Associates) is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients.
CyberNews
Tyson Foods claimed by Snatch ransomware gang
Tyson Foods claimed by ransomware gang in a supposed cyberattack.
CyberNews
Ohio city severely disrupted by ransomware attack
Huber Heights and Bladen County fell victim to disruptive cyberattacks.
The Record
Nearly two dozen Danish energy companies hacked through firewall bug in May
Denmark's critical infrastructure experienced the largest cyberattack in the country's history this spring, with 22 energy companies breached in just a few days, according to a new report from one of the country’s top cyber agencies.
The Record
CISA's Goldstein: Ukrainian response to Viasat hack proves need for redundancy, resilience
The Ukrainian military’s ability to recover from the Russian attack on satellite company Viasat is an example of the need for redundant systems and resilient organizations, according to a top U.S. government cybersecurity official.
Bleeping Computer
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files.
Latest Hacking News
ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs
As ransomware attacks continue wreaking havoc, the latest victim turned out to be the largest Chinese bank. The ICBC Bank admitted suffering a ransomware attack, following which, the bank switched to using USB sticks to
The Hacker News
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
Data breaches cost businesses $4.45 million on average in 2023! Don't let your organization become a statistic.
Security Affairs
Major Australian ports blocked after a cyber attack on DP World
A cyber attack on the logistics giant DP World caused significant disruptions in the operations of several major Australian ports.
CyberNews
Denmark hit with largest cyberattack on record
Hackers potentially linked to Russia’s military intelligence carried out a series of highly coordinated cyberattacks on Danish energy infrastructure, a report says.
The Record
Cyberattack on North Carolina county allowed hackers to access data
A cyberattack on a North Carolina county has forced officials to call in the state’s national guard for assistance.
Bleeping Computer
DP World cyberattack blocks thousands of containers in ports
A cyberattack on international logistics firm DP World Australia has severely disrupted the regular freight movement in multiple large Australian ports.
CyberSecurity Dive
Henry Schein says customer data breached in cyber incident
The company lowered its 2023 sales and earnings forecasts in response to the incident, which took some of its distribution systems offline.
SecurityWeek
Ransomware Group Leaks Files Allegedly Stolen From Boeing
The LockBit ransomware group has leaked gigabytes of files allegedly stolen from the systems of aerospace giant Boeing.
CyberNews
Crypto exchange Poloniex hacked, offers 5% bounty on $114M stolen
After suspicious outflows of $114 million, cryptocurrency exchange Poloniex has confirmed that it has been hacked.
SecurityWeek
Mr. Cooper Says Customer Data Compromised in Cyberattack
US mortgage giant Mr. Cooper announced over the weekend that customer data was compromised in an October 31 cyberattack.
SecurityWeek
Operations at Major Australian Ports Significantly Disrupted by Cyberattack
A cyberattack on Australian shipping giant DP World, which may have been a ransomware attack, has resulted in serious disruptions at major ports.
CyberNews
Hacking the sky: planes need patching, too – interview
Cyber assaults on the aviation sector carry more serious repercussions than mere data theft or DDoS attacks.
The Record
Australian ports operator recovering after major cyber incident
One of Australia's largest port operators is resuming operations after being hit by a cyberattack late last week.
The Record
Boeing investigating leaked data after LockBit allegedly publishes stolen info
Airplane maker Boeing said it is investigating data leaked by a prominent Russia-based ransomware gang that was allegedly stolen from the company.
Bleeping Computer
LockBit ransomware leaks gigabytes of Boeing data
The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems.
Cyber Security News
10 Best Digital Forensic Investigation Tools - 2024
Best Free Digital Forensic Tools: 1. Sleuth Kit (+Autopsy) 2. Forensic Investigator 3.Autopsy 4. Dumpzilla 5. X-Ways Forensics.
Bleeping Computer
Mortgage giant Mr. Cooper says customer data exposed in breach
Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31.
Bleeping Computer
McLaren Health Care says data breach impacted 2.2 million people
McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information.
CyberSecurity Dive
Chinese banking giant’s US arm hit by ransomware attack
The hack reportedly disrupted the trading of U.S. Treasuries. The Industrial and Commercial Bank of China Financial Services said it is investigating the attack and progressing recovery efforts.
CyberNews
New malvertising campaign targets Windows geeks
A threat actor copied a legitimate Windows news website to deliver an infostealer for the CPU-Z processor tool.
The Record
Washington State Department of Transportation working to recover from cyberattack
Washington’s State Department of Transportation is recovering from a cyberattack that is causing a range of issues for local ferries and apps used for maps.
CyberSecurity Dive
Mr. Cooper customers’ data exposed by cyberattack
The mortgage servicing provider has yet to determine how many of its 4.3 million customers had data compromised or the extent of potential damage.
CyberNews
Lego fans told to change passwords after cyberattack
BrickLink, a Lego-owned marketplace, advised users to update their passwords after a cyberattack.
Bleeping Computer
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources
CyberSecurity Dive
MGM Resorts anticipates no further disruptions from September cyberattack
The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.
CyberScoop
Russian hackers disrupted Ukrainian electrical grid last year
The notorious Russian hacking group known as Sandworm took down a substation that caused a brief outage, according to a new Mandiant report.
The Record
Ukraine energy facility took unique Sandworm hit on day of missile strikes, report says
Researchers from Mandiant reported on an October 2022 incident involving Russian nation-state hackers that included multiple rare or previously unseen elements.
Bleeping Computer
Russian state-owned Sberbank hit by 1 million RPS DDoS attack
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history.
CyberNews
Despite pledges not to pay, ransoms are here to stay
Cybernews asked more than 30 experts from various fields if they’d be willing to pay a ransom in the event of a cybersecurity breach.
CyberSecurity Dive
Cyberattack hits Singapore’s Marina Bay Sands hotel and casino
The Las Vegas Sands Corp.-owned property said the intrusion exposed the personal data of about 665,000 people.
CyberNews
Marina Bay Sands Singapore luxury resort breached
Singapore’s iconic Marina Bay Sands luxury resort and casino says loyalty member's personal information was compromised in a data breach.
Bleeping Computer
TransForm says ransomware data breach affects 267,000 patients
Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario, Canada, clarifying that it was a ransomware attack.
CyberSecurity Dive
Cyberattack hits Mr. Cooper, blocks millions of mortgage payments
The loan servicing giant shut down systems after it detected the intrusion and set up alternative methods for its 4.3 million customers to make payments.
The Record
Japan Aviation Electronics says servers accessed during cyberattack
Manufacturing giant Japan Aviation Electronics confirmed that its systems are facing a cyberattack that has forced the company to shut down its website.
The Record
Singapore’s Marina Bay Sands says 665,000 customers had data stolen during cyberattack
The company said it became aware of a data security incident on October 20 after hackers broke into their systems the day before.
The Record
Mortgage giant Mr. Cooper using alternative payment options after cyberattack
Customers attempting to log in to Mr. Cooper's website to pay their mortgages or loans were instead greeted with a message stating that the company was suffering a technical outage, later confirmed to be a cyberattack.
The Record
Iran-linked hackers attack Israeli education and tech organizations
Hackers suspected of being tied to Iran’s government have been deploying new destructive malware against Israeli organizations, according to recent research.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
Bleeping Computer
The Week in Ransomware - November 3rd 2023 - Hive's Back
Over the past couple of months, ransomware attacks have been escalating as new operations launch, old ones return, and existing operations continue to target the enterprise.
CyberScoop
CISA sees increase in zero-day exploitation, official says
Michael Duffy, an official in CISA’s cybersecurity division, says zero-day exploits are “really affecting the federal government networks.”
CyberSecurity Dive
5 Okta customers snared in attack on the provider’s support system
The IAM provider says the attack was most likely linked to a compromised employee’s personal Google account or personal device.
CSO
Boeing systems hit in reported Lockbit cyberattack
Boeing has confirmed that an "incident" has occurred, after reports surfaced that the Lockbit ransomware group has claimed to have exfiltrated sensitive data from the aerospace giant.
The Record
American Airlines pilot union hit with ransomware
The union is working to restore its systems following a ransomware attack, the latest in a rash of cyber incidents affecting the aviation industry.
Bleeping Computer
Ace Hardware says 1,202 devices were hit during cyberattack
Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.
Bleeping Computer
BlackCat ransomware claims breach of healthcare giant Henry Schein
The BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information.
Bleeping Computer
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems
U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal.
CyberSecurity Dive
Okta employee data breached in third-party healthcare attack
An incident at Rightway Healthcare resulted in a breach of sensitive health information of almost 5,000 Okta employees. It’s the latest in a series of security woes for the IAM provider.
Bleeping Computer
Boeing confirms cyberattack amid LockBit ransomware claims
Aerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data.
CyberSecurity Dive
Non-bank financial institutions must report data security breaches: FTC
The amendment to the FTC’s Safeguards Rule requires non-banking financial institutions to disclose data breaches within 30 days.
SecurityWeek
Boeing Confirms Distribution Business Hit by Cyberattack
Boeing has confirmed a cyberattack after a ransomware group claimed to have breached the company’s systems.
CyberSecurity Dive
Boeing confirms cyberattack, global services disrupted
The aerospace and defense company declined to describe the nature of the attack but said flight safety is not affected.
Cyber Security News
Boeing Admits Cyberattack; Lockbit Claims Zero-Day Exploit Was Used to Gain Access
Boeing, the aerospace industry leader, has recently reported a cyberattack on its systems. The attack primarily targeted the company's parts and distribution business.
The Record
Nearly 5,000 Okta employees affected by third-party data breach
Almost 5,000 Okta employees were affected by a data breach following a cyberattack on a third-party provider used by the company for healthcare services.
The Record
Boeing says cyber incident affects parts and distribution business
"We are aware of a cyber incident impacting elements of our parts and distribution business," a spokesperson told Recorded Future News. "This issue does not affect flight safety.”
Bleeping Computer
Toronto Public Library outages caused by Black Basta ransomware attack
The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack.
DarkReading
FBI Director Warns of Increased Iranian Attacks
Christopher Wray tells the US Senate that more US infrastructure will be targeted for cyberattacks in the wake of the Gaza conflict.
CyberSecurity Dive
Caesars shakes off cyberattack with strong Q3 Las Vegas demand
The casino operator, however, faces extensive litigation and government inquiries following theft of its customer rewards database.
The Record
Major Mexican airport confirms experts are working to address cyberattack
The Querétaro Intercontinental Airport — about three hours from Mexico City — posted on social media that it was responding to an unspecified incident.
The Record
A ‘kill switch’ deliberately shut down notorious Mozi botnet, researchers say
Researchers suspect a takedown of the botnet with a "kill switch" was likely executed by the creators of Mozi or Chinese law enforcement.
The Record
California community college Río Hondo dealing with cybersecurity incident
The LockBit ransomware gang added the school to its list of victims, giving officials until November 20 to pay an undisclosed ransom.
The Record
War crimes prosecutor says trials this time might be different
Will there be justice for the atrocities in Bucha, Ukraine? Stephen Rapp, a former U.S. ambassador-at-large for war crimes, talks with the Click Here podcast team about the future of that case and others.
DarkReading
Malware 'Meal Kits' Serve Up No-Fuss RAT Attacks
The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).
SecurityWeek
Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO
The SEC's lawsuit against the CISO of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles.
Bleeping Computer
British Library knocked offline by weekend cyberattack
The British Library has been hit by a major IT outage affecting its website and many of its services following a "cyber incident" that impacted its systems on Saturday, October 28.
SecurityWeek
Extending ZTNA to Protect Against Insider Threats
Overcoming the failures and challenges of Zero Trust Network Access (ZTNA) for in-office and remote users
CSO
SEC sues SolarWinds and its CISO for fraudulent cybersecurity disclosures
SEC has accused SolarWinds and its CISO of understating cybersecurity risks to stakeholders and said the company missed numerous red flags.
SecurityWeek
SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures
The SEC filed charges against SolarWinds and its CISO Timothy Brown, over misleading investors about its cybersecurity practices and known risks.
The Record
FBI ‘keeping a close eye’ on Iranian hackers as Israel-Hamas war intensifies
Digital attacks against the U.S. by Iran and non-state actors could worsen if the conflict between Israel and Hamas grows, FBI Director Christopher Wray warned on Tuesday.
The Record
Pro-Ukraine group says it breached Russian card payment system
Russia's government-run National Payment Card System (NSPK) and its Mir consumer payment network both were targets, according to a pro-Ukrainian group known as DumpForums and hackers with the Ukrainian Cyber Alliance.
Bleeping Computer
LastPass breach linked to theft of $4.4 million in crypto
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents.
CyberSecurity Dive
SEC charges SolarWinds, its CISO with fraud
The company allegedly misled investors regarding its cybersecurity practices and failed to disclose known risks, according to a complaint.
Bleeping Computer
Toronto Public Library services down following weekend cyberattack
The Toronto Public Library (TPL) is warning that many of its online services are offline after suffering a cyberattack over the weekend, on Saturday, October 28.
CSO
New malware campaign uses MSIX packages to infect Windows PCs
The Ghostpulse loader, injected through MSIX packages, is a stealthy dropper that avoids detection by the victim’s scanners.
The Record
Toronto Public Library facing disruptions due to cyberattack
Canada’s largest public library system said it is dealing with a cyberattack that brought down its website, member services pages and limited access to its digital collections.
The Record
SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack
The Securities and Exchange Commission (SEC) announced on Monday evening that it plans to charge SolarWinds Chief Information Security Officer Timothy Brown with fraud for his role in allegedly lying to investors by “overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.”
The Record
Dallas County confirms cybersecurity 'incident' after ransomware gang claims attack
On Saturday, the Play ransomware gang posted the county to its leak site, claiming to have stolen an undisclosed amount of data.
Bleeping Computer
Hackers email stolen student data to parents of Nevada school district
The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack.
The Record
Ukrainian hackers disrupt internet providers in Russia-occupied territories
Ukrainian hackers have temporarily disabled internet services in parts of the country’s territories that have been occupied by Russia.
Bleeping Computer
The Week in Ransomware - October 27th 2023 - Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.
CyberSecurity Dive
How to protect sensitive school data during a cyberattack
The CFO of a Texas school district recommends safer ways to request sensitive employee data and stronger password and verification policies.
The Record
Stanford University investigating cyberattack after ransomware claims
Stanford is looking into a cybersecurity incident within its Department of Public Safety after a ransomware gang claimed it attacked the school on Friday.
The Record
France accuses Russian state hackers of targeting government systems, universities, think tanks
A hacking group associated with Russia’s military intelligence agency has been spying on French universities, businesses, think tanks, and government agencies, according to a new report from France’s top cybersecurity agency.
DarkReading
Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status
The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says.
Bleeping Computer
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
The number of hyper-volumetric HTTP DDoS (distributed denial of service) attacks recorded in the third quarter of 2023 surpasses every precedent, indicating that the field has entered a new chapter.
CyberNews
Curve Finance suffers second crypto cyberattack
Stablecoin trader hacked again and is being drained of money by an unknown threat actor, cybersecurity analysts are claiming.
CyberSecurity Dive
Philadelphia discloses email compromise 5 months after initial detection
An ongoing investigation uncovered a two-month dwell time in the city’s email system that exposed some individuals’ sensitive information.
CSO
Teleport’s new offering to help reduce attack response times
The identity governance and security offering will automate access requests, detect weak access patterns, and help with incident response.
Bleeping Computer
Chilean telecom giant GTD hit by the Rorschach ransomware gang
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services.
CyberSecurity Dive
LastPass working through ‘systemic’ security overhaul
“We didn’t just address the issues that were the cause of the breach,” CEO Karim Toubba said. Still, nearly 1 in 10 customers are fleeing the password manager.
SecurityWeek
Personal Information Stolen in City of Philadelphia Email Hack
The City of Philadelphia says personal, health, and financial information was stolen in a cyberattack on its email environment.
Bleeping Computer
Cyberattack on health services provider impacts 5 Canadian hospitals
A cyberattack on shared service provider TransForm has impacted operations in five hospitals in Ontario, Canada, impacting patient care and causing appointments to be rescheduled.
The Record
Neuberger: New global initiatives will include information sharing, ransomware payment tracking
A global coalition of government cybersecurity leaders will announce efforts to boost information sharing about digital threats and take on nefarious cryptocurrency payments when they convene in Washington next week, a senior White House official said on Tuesday.
Bleeping Computer
University of Michigan employee, student data stolen in cyberattack
The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its network in August and accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants.
The Record
University of Michigan warns that personal information was leaked during cyberattack
Troves of sensitive personal information from students, applicants, employees and others were leaked during an August cyberattack, the university said.
The Record
New York health network restores services after crippling cyberattack
Westchester Medical Center Health Network was forced to divert ambulances from three medical facilities throughout the week and faced backlash from community members for not fully explaining the situation.
The Record
CISA working on updated National Cyber Incident Response Plan
The Cybersecurity and Infrastructure Security Agency (CISA) is working with industry stakeholders and government agencies on a new version of the National Cyber Incident Response Plan (NCIRP) — the framework that outlines the country’s response to significant cyber incidents.
The Record
Spanish police arrest 34 alleged cybercriminals for scamming operation
Spanish police have arrested 34 alleged cybercriminals accused of carrying out a variety of online scams — seizing firearms, a katana sword, baseball bat and 80,000 Euros in the process.
The Record
Ukraine security services involved in hack of Russia’s largest private bank
Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's Alfa-Bank.
The Record
Alleged covert wiretap on Russian messaging service blown by expired TLS certificate
Researchers said the suspected man-in-the-middle attack was identified when the administrator of jabber.ru, the largest Russian XMPP service, received a notification that one of the servers’ certificates had expired.
Bleeping Computer
American Family Insurance confirms cyberattack is behind IT outages
Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week.
Bleeping Computer
The Week in Ransomware - October 20th 2023 - Fighting Back
This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the RagnarLocker ransomware operation.
Bleeping Computer
International Criminal Court systems breached for cyber espionage
The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes.
SecurityWeek
Okta Support System Hacked, Sensitive Customer Data Stolen
Okta warns that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users.
Bleeping Computer
Kwik Trip finally confirms cyberattack was behind ongoing outage
Two weeks into an ongoing IT outage, Kwik Trip finally confirmed that it's investigating a cyberattack impacting the convenience store chain's internal network since October 9.
The Hacker News
Unleashing the Power of the Internet of Things and Cyber Security
IoT adoption is on the rise, but it comes with risks. Explore the challenges and opportunities of seamlessly integrating IoT into your business while
-1.webp)
Cyber Security News
U.S. Government Releases Popular Phishing Technique Used by Hackers
Phishing is a cyberattack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.
CyberSecurity Dive
FAIR Institute wants to quantify just how much a cyberattack costs
The risk-management body is trying to create a standard to estimate material cyber attack costs and help stakeholders better understand risk.
The Record
War crimes tribunal says September cyberattack was act of espionage
The September attack came at a time of “broader and heightened security concerns for the Court,” including threats against several of its elected officials.
The Record
Casio says customers in 148 countries affected by breach
The company said hackers accessed the company’s education web application ClassPad.net. The breach was traced back to "insufficient operational management.”
The Record
Exclusive: How a defend-forward operation gave Ukraine’s SBU an edge over Russia
On a recent trip to Kyiv, the Click Here team spoke with Illia Vitiuk, head of the cyber department of the Security Service of Ukraine, about the importance of an early operation with U.S. hunt teams and why he considers attacks on civil infrastructure “to be nothing but a war crime.”
ZDNet
What is ransomware? Everything you need to know and how to reduce your risk
The ransomware business is booming, and really anyone can be the next victim. Here's how to protect yourself and your organization from an attack. Too late for prevention? We'll show you what to do next.
SecurityWeek
Operations of Healthcare Solutions Giant Henry Schein Disrupted by Cyberattack
Healthcare solutions giant Henry Schein has disclosed a cybersecurity incident that disrupted operations and possibly led to a data breach.
The Record
Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion
Researchers found that a global attack would shave off trillions in gross domestic product over a five-year period, with the United States the worst hit, followed by China and Japan.
The Record
UK warns nuclear power plant operator of cybersecurity failings
EDF failed to “meet its commitment to provide us with a comprehensive and fully resourced cyber security improvement plan,” according to the U.K. chief nuclear inspector’s annual report.
The Record
Exclusive: Ukraine says joint mission with US derailed Moscow’s cyberattacks
Ukrainian officials speak with the Click Here podcast team about something they previously kept close to the vest: Their country's hunt forward operations with personnel from U.S. Cyber Command.
Bleeping Computer
KwikTrip all but says IT outage was caused by a cyberattack
Kwik Trip has released another statement on an ongoing outage, all but confirming it suffered a cyberattack that has led to IT system disruptions.
DarkReading
‘Etherhiding’ Blockchain Technique Hides Malware in WordPress Sites
The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers.
Infosecurity News
Rising AI-Fueled Phishing Drives Demand for Password Alternatives
FIDO Alliance’s Online Authentication Barometer showed that AI-powered phishing is prompting users to switch passwords for MFA
SecurityWeek
NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics
NSA has released Elitewolf, a repository of intrusion detection signatures and analytics for OT environments.
The Record
Russia’s Sandworm hacking unit targets Ukrainian telecom providers
The infamous Russian state hacking group known as Sandworm has targeted at least eleven Ukrainian internet and telecom providers since May, according to a recent report from Ukrainian cybersecurity authorities.
The Record
Chilean government warns of Black Basta ransomware attacks after customs incident
The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday.
The Record
TV advertising sales giant affected by ransomware attack
Ampersand — co-owned by Comcast Corporation, Charter Communications and Cox Communications — confirmed it had dealt with a ransomware incident but declined to say when the attack occurred or whether a ransom would be paid.
SecurityWeek
Academics Devise Cyber Intrusion Detection System for Unmanned Robots
Australian AI researchers teach an unmanned military robot’s operating system to identify MitM cyberattacks.
SecurityWeek
Equifax Fined $13.5 Million Over 2017 Data Breach
UK’s financial watchdog FCA imposes a £11 million (approximately $13.5 million) fine to Equifax over the 2017 data breach.
The Record
Kansas courts closed, electronic systems down after alleged ransomware attack
Courts in the city of Topeka are closed to the public on Monday, while the Kansas Supreme Court is exclusively using paper records to operate.
Bleeping Computer
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle (MitM) attacks on unmanned military robots.
Bleeping Computer
The Week in Ransomware - October 13th 2023 - Increasing Attacks
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if a ransom is not paid.
Bleeping Computer
Kwik Trip IT systems outage caused by mysterious ‘network incident’
Kwik Trip has been impacted by a wide range of mysterious business disruptions since this weekend that are indicative of a ransomware attack.