CNN reports: Federal court officials said Thursday that the judicial branch is taking steps to improve online security – including for sensitive case documents – after “escalated cyberattacks” aimed at its case management system. “The federal Judiciary is taking additional steps to strengthen protections for sensitive case documents in response to recent escalated cyberattacks of…
Category: Commentaries and Analyses
Scattered Spider has a new Telegram channel to list its attacks
Commenters on reading the new Telegram channel call it “schizo,” “complete chaos,” and “insane.” DataBreaches would just call it “overwhelming.” A new Telegram channel appeared on Friday afternoon with a name conflating three groups: Shiny Hunters, Scattered Spider, and Lapsus$. How long it will last before it gets banned remains to be seen, but in…
ShinyHunters sent Google an extortion demand; Shiny comments on current activities
Yesterday morning, DataBreaches woke up to a message on Telegram: Even the NSA can’t stop or identify us anymore. The FBI and everyone else is irrelevant and incompetent as far as we’re concerned :). When DataBreaches asked ShinyHunters if anything in particular had inspired that statement, “Shiny1” responded: I heard the NSA is investigating and…
Google reveals it became one of the Salesforce attack victims in June
Lawrence Abrams reports: In June, Google warned that a threat actor they classify as ‘UNC6040′ is targeting companies’ employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked. In a brief update…
Scattered Spider is NOT quiet. They’re just under another name now.
Citing a July 30 report in The Hacker News, SC Media reports: Following recent arrests of alleged Scattered Spider members in the UK, Google Cloud’s Mandiant Consulting has reported a noticeable pause in the group’s activities, offering a “critical window of opportunity” for organizations to bolster their defenses, reports The Hacker News. THN had reported,…
Follow-up: Qilin responds to claims by affiliate and leak by competitor
Several days ago, we noted a report on GBHackers that described what they characterized as a significant security breach within the Qilin ransomware operation. Over on SuspectFile, Marco A. De Felice was able to get a statement from Qilin in response to the claims. Actually, he got three statements. The first two were specific to…