Abdul Karim Abdulwahab reports: The illegal revenue accruing to crypto criminals from ransomware exploits declined in 2022 as more victims refused to pay, according to recent data published by market intelligence firm, Chainalysis. The report noted that Ransomware attackers could only extort $456 million from victims in 2022 after stealing nearly twice that value in…
Month: January 2023
ODIN Intelligence website is defaced as hackers claim breach
Earlier this week, Zack Whittaker reported: The website for ODIN Intelligence, a company that provides technology and tools for law enforcement and police departments, was defaced on Sunday. The apparent hack comes days after Wired reported that an app developed by the company, SweepWizard, which allows police to manage and coordinate multi-agency raids, had a significant security…
More data leaked from St. Rose Hospital ransomware incident
Since DataBreaches first reported that data from St. Rose Hospital had appeared on a popular hacking forum and appeared to be linked to the BianLian ransomware group, there have been some additional developments: St. Rose Notified the California Attorney General’s Office The notification, submitted to California on January 12, states that Hayward Sisters Hospital d/b/a…
Bits ‘n Pieces (Trozos y Piezas)
CR: Ministry of Public Works and Transportation Hit by Ransomware Costa Rica’s Ministry of Public Works and Transportation (MOPT) has been the target of a ransomware attack by as yet unidentified individuals. The attack was reported by the Ministry of Science, Innovation, Technology and Telecommunications (MICITT) (machine translation): Since early hours of this Tuesday, the…
T-Mobile discloses yet another data breach; this one hits 37 million
It seems like litigation from one T-Mobile data breach is barely settled when we are reading about yet another T-Mobile breach. AP reports the carrier disclosed that an unidentified threat actor breached its network in late November and stole data on 37 million customers. The data stolen included addresses, phone numbers, and dates of birth….
Chinese, North Korean hackers continue exploiting zero-day vulnerabilities
Ionut Arghire reports that Chinese hackers exploited Fortinet FortiOS SSL-VPN vulnerability when it was still a zero-day. Mandiant tracks the bug as CVE-2022-42475 (CVSS score of 9.8), and described it as “a buffer overflow issue that could be exploited by remote, unauthenticated attackers to execute code or commands via crafted requests.” Read more at Security Week….