On November 15, ABC in Chicago reported that suburban school district Township High School District 211 experienced a security breach in which outgoing emails, phone calls, and text messages had been compromised over the weekend. Parents reported receiving offensive messages, some of which were sexual. On November 20, Patch reported that a teacher’s account in…
Category: Breach Incidents
A rough week in ransomware….
The following are just a few of the entities hit by ransomware attacks this week: USNR LLC is a manufacturing firm in Woodland, Washington. On their site, they describe themselves as “the world’s largest, most comprehensive supplier of equipment and technologies for the wood processing industry.” And according to a notification they sent, on September…
Update on Dyras Dental ransomware attack
On September 24, DataBreaches.net contacted Dyras Dental in Lansing, Michigan to ask about Egregor threat actors’ claim that they had attacked them and exfiltrated data. Dyras Dental did not respond to that contact or to my subsequent DM to them on Twitter. On October 5, not seeing anything on Dyras Dental’s web site or Twitter…
Twitter data breach decision due on December 17: Irish data regulator
Samuel Stolton reports: Despite “very divergent views” between EU data protection authorities over a case of data breaches by Twitter, a final decision on the bloc’s first major cross-border online privacy case is due to be published on December 17th, it has been revealed. Irish Data Commissioner Helen Dixon said on Thursday (3 December) that talks…
Persist, Brick, Profit -TrickBot Offers New “TrickBoot” UEFI-Focused Functionality
AdvIntel & Eclypsium write: TrickBot malware now has functionality designed to inspect the UEFI/BIOS firmware of targeted systems. This marks a significant step in the evolution of TrickBot. Firmware level threats carry unique strategic importance for attackers. It is clear that TrickBot will benefit greatly from including a UEFI level bootkit in their kill chain….
Intersport victim of cyberattack for a second time in 2020?
First it was a Magecart attack on their web sites in Slovenia, Croatia, Serbia, Bosnia and Hercegovina and Montenegro, as reported in June. Now it appears to be a ransomware attack by Conti threat actors, who dumped more than two dozen files as alleged proof of access and exfiltration from the international sporting goods retailer….