Simon Sharwood reports: Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J. Serna says the company is aware of “threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network,…
Category: Malware
SEC’s OCIE Issues Ransomware Risk Alert
Kate Hanniford of Alston & Bird writes: On July 10, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert noting the increasing sophistication of ransomware attacks on SEC registrants and service providers to SEC registrants. The Risk Alert is notable for its encouragement of financial services market participants more broadly and not just…
How REvil Used the Underground Ecosystem to Form an Extortion Cartel
A new paper on Sodinokibi (REvil) ransomware operators by Advanced Intelligence begins: Just about one year ago, the makers of the infamous GandCrab ransomware announced their retirement, having reportedly earned an astonishing $2 billion since their entry into the ransomware market in January 2018. The vacuum was quickly filled, however. Forensic and malware evidence was…
Ca: Four military schools in Canada suffer cyberattacks
Samantha Butler-Hassan reports: Kingston’s Royal Military College is one of four military training schools in Canada targeted in a mysterious cyber attack. Discovered on the morning of Friday, Jul. 3, 2020, the attack has temporarily disabled the University’s online network. “It looks like all their core systems got hit,” said David Skillicorn, a professor of…
Turkey: KVKK announces data breach suffered by Doctor’s office
From OneTrust DataGuidance: The Turkish data protection authority (‘KVKK’) announced, on 9 July 2020, a data breach suffered by Doctor Atadan Egemen Koyuncu. In particular, the KVKK highlighted that the data controller suffered a cyber attack on 5 July 2020 which affected the patient information system and that the violation was detected on the 6 July 2020. In…
Vancouver Coastal Health hit by cyberattack, but says ‘no evidence’ data stolen
Andrew Weichel reports: An investigation into a cyberattack at Vancouver Coastal Health turned up “no evidence” that data was stolen, according to officials. The health authority said malicious ransomware was discovered in data related to its Employee and Family Assistance Program on May 21, and that officials responded by bringing in external cybersecurity experts to…