Lawrence Abrams reports: The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. Contec is a China-based company that specializes in healthcare technology, offering…
Author: Dissent
Law enforcement continues efforts to disrupt cybercrime forums and services
Law enforcement has been busy. As reported yesterday, Cracked and Nulled forums were seized along with services associated with them financially. Two suspects were arrested in Spain. Today, DOJ issued two press releases. The first was about yesterday’s seizures: Cracked and Nulled Marketplaces Disrupted in International Cyber Operation The Justice Department today announced its participation…
Exclusive: Apex Custom Software hacked, threat actors threaten to leak the software (1)
On January 20, the hackers known as 0mid16B tweeted, “At 7:40AM 20th Jan (US time), a US healthcare software provider has been hacked. All data in server has been deleted. 48 hours left before we publish all data.” The attached screenshot showed a listing of medications, but without any patient information attached. Two days later,…
No need to hack when it’s leaking: ZAR clinics edition
Heise.de reports: A massive data leak potentially affects hundreds of thousands of patients at ZAR rehab clinics across Germany. Among other things, highly sensitive medical reports were accessible. The affected rehab centers are under the umbrella of Nanz medico, which claims to be the largest provider of outpatient rehab services in Germany. This includes a…
New York Blood Center Enterprises Ransomware Attack Update
A personal message to whatever threat actor or ransomware group hit the New York Blood Center: You are endangering lives, and every day that goes by will put more lives at risk. Do the morally right thing and give them a decryptor now. — Dissent. A statement from the New York Blood Center: January 29:…
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent (1)
Sergiu Gatlan reports: Update January 29, 14:15 EST: Seizure banners were added to the cracked[.] io, nulled [.] to, starkrdp [.] io, mysellix [.] io, and sellix [.] io, confirming that the domains had been seized in a joint law enforcement action dubbed “Operation Talent” that included authorities from the United States, Italy, Spain, Europe,…