Sergiu Gatlan reports: Attackers could use critical firmware vulnerabilities discovered by Microsoft in some NETGEAR router models as a stepping stone to move laterally within enterprise networks. The security flaws impact DGN2200v1 series routers running firmware versions before v1.0.0.60 and compatible with all major DSL Internet service providers. They allow unauthenticated attackers to access unpatched routers’ management…
Author: Dissent
Western Digital to provide recovery services for hacked NAS drives
Western Digital has announced a new trade-in programme to help customers mitigate the effects of a mass malware attack that saw terabytes of data wiped from users’ NAS drives overnight. Those who lost data as a result of the hack will be able to benefit from Western Digital’s data recovery services, as well as a…
Mayo Clinic faces lawsuits over nude patient image snooping
Kristen Leigh Painter reports an update to a previously reported insider-wrongdoing breach: Mayo Clinic is facing three lawsuits from patients who say a former surgery resident, Ahmad Alsughayer, viewed hundreds of their nude photographs in electronic medical records despite having no professional reason to go into their files. Alsughayer, who is 28 and has a…
FL: inmates filing lawsuit after data breach
Rochelle Alleyne reports a follow up to a breach not previously noted on this site: Hacked. That was the headline back in April when it came to the 20th judicial Public Defender’s Office. A document on the agency’s website, says private information linked to more than half a million staff members and clients was potentially exposed. The…
NY: Cyber attack at Massena Central School under investigation
Jimmy Lawton reports: Federal law enforcement agencies are investigating a cyber attack at Massena Central School that occurred June 22. Superintendent Pat Brady said the incident caused a disruption in the district’s network and impacted certain systems. “Importantly, to protect the integrity of the Massena Central School District system, access to the platform and surrounding…
Still think you can negotiate with REvil and get your files back? Read this first.
The government and professionals involved in ransomware incident response have often advised victims not to pay the ransom because even if you pay, you may not get your data back, and you may not get your data deleted by criminals who pinky swear that they will delete it. Then, too, they may pinky swear that…