Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…
Author: Dissent
URLs Are NOT Passwords, and Sadly, That Needed to Be Said (Stolowitz vs. Nuance Communications)
In 2014, Nuance Communications discovered that anyone could access protected health information on one of its platforms. After the situation persisted for years, a former employee decided to submit a whistleblower complaint to HHS. For his efforts, he spent more than one year fending off threatened federal hacking charges, even though no hacking was involved….
Cyberattack takes down L.A. Unified operations. Schools will open on Tuesday
Updated Sept. 8: Vice Society has claimed responsibility for the attack. As Jeremy Kirk commented, it was somewhat expected given that CISA published an advisory about Vice Society after the attack. Original post: Howard Blume reports: A cyberattack brought down the computer systems of the Los Angeles Unified School District over the weekend, but officials…
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web
Seen on Resecurity’s blog: a reminder that our current defenses fall rapidly as nimble criminals find a work-around and that some developments enable second-tier or less sophisticated attackers to punch above their weight: Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate…
UK: ICO acting against eight individuals over alleged theft of road traffic accident data from garages
August 30 – The Information Commissioner’s Office (ICO) has commenced criminal proceedings against eight individuals over the alleged unlawful accessing and obtaining of people’s personal information from vehicle repair garages to generate potential leads for personal injury claims. The alleged activity took place across the UK between 1 December 2014 and 30 November 2017. The…
Concern as sensitive PSNI documents containing names and addresses of Loyal Order officials found by a member of the public on street
Mark Rainey reports: Sensitive police documents containing the names and addresses of loyal order officials in north Antrim and the north west have been found on the streets of Bushmills. The papers were discovered by a member of the public. According to Apprentice Boys of Derry (ABOD) general secretary Billy Moore, he was handed 16…