Ax Sharma reports: RaidForums is an underground place where private databases obtained from data breaches, vulnerability exploits, and credit card information sets are illegally traded by threat actors, or sometimes leaked for free. On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, this private section was accidentally left open for viewing by…
Author: Dissent
KS: Pottawatomie Co. cyber attack encrypts “multiple servers,” extent unclear
Chris Fisher reports: Officials in Pottawatomie County are assessing the extent of a cyber attack discovered last week. Pottawatomie Co. Public Information Officer Becky Ryan confirms that county IT staff discovered an active cyber attack on Friday, September, 17. Ryan says the breach encrypted multiple servers, which prevented the access of many systems used every day….
U.S. Treasury Department: Publication of Updated Ransomware Advisory; Cyber-related Designation
Treasury Takes Robust Actions to Counter Ransomware WASHINGTON — As part of the whole-of-government effort to counter ransomware, the U.S. Department of the Treasury today announced a set of actions focused on disrupting criminal networks and virtual currency exchanges responsible for laundering ransoms, encouraging improved cyber security across the private sector, and increasing incident and…
Ransomware Resources for HIPAA Regulated Entities
The HHS Office for Civil Rights (OCR) is sharing the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS Health Sector Cybersecurity Coordination Center Threat Briefs: https://www.hhs.gov/about/agencies/asa/ocio/hc3/products/index.html#sector-alerts January 28, 2021 –…
Adventures in Notification, Ethical Dilemma Edition
Long-time readers know that this blogger has encountered some interesting situations over the years in response to trying to engage in responsible disclosure of leaks or incidents. As just a few examples (apart from all the lawsuit threats for exposing leaks or incidents), this blogger was: — threatened with being infected with HIV by angry…
Hacker Makes Off With $12 Million in Latest DeFi Breach
Dan Gunderman reports: In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value. In a series of tweets announcing the incident, pNetwork said, “We’re sorry to inform the community that…