Group-IB writes: In 2023, IT and cybersecurity companies remain one of the most attractive targets for cybercriminals, according to the latest threat report “Hi-Tech Crime Trends 2022/2023”. The compromise of a vendor’s infrastructure opens up ample opportunities to penetrate the network further and gain access to a huge pool of data about the victim’s customers…
Author: Dissent
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…
City of Oakland declares state of emergency after ransomware attack
Sergiu Gatlan reports: Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. Interim City Administrator G. Harold Duffey declared a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement,…
Audit: MySejahtera Data Breach Affected Three Million Users
CodeBlue reports: The personal information of millions of MySejahtera users has been exposed after an account authorised for vaccine administration stole data from three million vaccine recipients, revealed a national audit. The latest Auditor-General’s 2021 report (Series 2) tabled in Parliament today revealed that a “Super Admin” account under the MyVAS system, which is used at…
A major global chipmaking supplier claims an employee stole manufacturing secrets
Jess Weatherbed reports: ASML, one of the largest suppliers to the global semiconductor industry and the only supplier of extreme ultraviolet (EUV) lithography photolithography machines, has revealed that a former employee in China stole information pertaining to its proprietary technology in a data breach. Within its recently published 2022 annual report, the Dutch tech firm said…
California Northstate University student and employee data stolen
In a new listing by AvosLocker, the threat actors leak personal information that can make employees’ lives difficult for years to come. In their leak site listing for California Northstate University, AvosLocker claims: We have Student admissions data include Name, Social Security Number, Date Of Birth, Address, Email, Telephone. All College employees W-2 include in…