Oops. I missed this one when WTOC first reported it on October 17th: Dozens of social security numbers connected to work hours and rates of pay are at risk of being used by criminals because of the actions of a security firm supervisor. Those are the allegations in a lawsuit filed by a Savannah law…
Month: October 2018
TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
FireEye writes: In a previous blog post we detailed the TRITON intrusion that impacted industrial control systems (ICS) at a critical infrastructure facility. We now track this activity set as TEMP.Veles. In this blog post we provide additional information linking TEMP.Veles and their activity surrounding the TRITON intrusion to a Russian government-owned research institute. FireEye…
Free Decrypter Available for the Latest GandCrab Ransomware Versions
Ionut Ilascu reports: A newly released decryptor allows for the free recovery of files encrypted by some versions of GandCrab, a ransomware family that has affected hundreds of thousands of people since the beginning of the year. The free GandCrab decryption tool will decrypt files encrypted by versions 1, 4 and 5 of the ransomware. These versions…
Cyber attack exposed information for 40,000 patients of Sioux City vision clinic
Mason Doktor reports that Jones Eye Clinic and CJ Elmwood Partners, L.P., an affiliated surgery center, experienced a ransomware attack on the evening of August 22. The attack affected 40,000 patients seen between Jan. 1, 2003 and Aug. 23. The providers were able to restore from backup and did not pay any ransom. Their full notice…
Apple Just Killed The ‘GrayKey’ iPhone Passcode Hack
Thomas Brewster reports: Apple has managed to prevent the hottest iPhone hacking company in the world from doing its thing. Uncloaked by Forbes in March, Atlanta-based Grayshift promised governments its GrayKey tech could crack the passcodes of the latest iOS models, right up to the iPhone X. From then on, Apple continued to invest in security…
Data leak at consulting firm handling fundraisers for the Democratic party
Catalin Cimpanu reports: A Maryland consulting firm that handles political fundraisers for the Democratic Party has left fundraiser data and passwords to databases storing voter records exposed online via an unsecured network attached storage (NAS) device. The exposed data was found last week by Bob Diachenko, Director of Cyber Risk Research at Hacken, a cyber-security…