The Office of Information Security and the Health Sector Cybersecurity Coordination Center (HC3) have published a new threat brief on APT41. The brief is TLP:WHITE. Overview Chinese State-Sponsored Threat Actor Members of APT41 have been actively tracked since 2012 Also Known As: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie…
Category: Breach Incidents
DESORDEN leaks more data from Indonesia; “Indo data is officially worthless”
The DESORDEN group recently announced that due to the flood of personal information on Indonesians, they were giving up on attacking Indonesian entities. But they also noted that they already had some attacks in progress that they would still be leaking. Today, they announced one of those attacks on a popular hacking-related forum where data…
Sierra College investigating scope of latest ransomware incident
In May 2021, Sierra College in California confirmed that it was hit by a ransomware attack. Whatever steps the college may have taken to prevent another ransomware attack were apparently not sufficient, however, because Vice Society added the college to its list of “partners” this week. Vice did not post any data at this point,…
Teen who ‘hacked homecoming votes’ to crown herself queen is suing police and her school
If you are charged criminally and don’t contest the charges and complete a program that results in the charges being dropped, can you then turn around later and sue law enforcement for false arrest or anything? I didn’t think you could. Paging lawyers to Aisle 4, please? Earlier this month, Joe Smith reported; A teenager…
Ask.FM user database with 350m user records has shown up for sale (UPDATED with Denial from Ask.FM)
“I think it’s probably one of the biggest breaches in a long time, can’t think of any bigger ones,” Pompompurin, the owner of Breached.to, wrote when asked about a new for-sale listing that appeared on his forum. A seller called “Data,” who Pompompurin says he will “vouch all day and night for” listed user data…
Update: SERV Behavioral Health System Issues Notice of Breach
On August 6, DataBreaches reported that the Hive ransomware team claimed to have attacked SERV Behavioral Health System and encrypted SERV’s files on May 26. The listing was added to Hive’s site on July 14. SERV did not respond to email inquiries from DataBreaches in July. Time passed, but Hive never added any “proof pack”…