Alex Scroxton reports: The developer or developers behind the ransomware-as-a-service (RaaS) family known variously as ALPHV, BlackCat and Noberus, have been hard at work refining their tactics, techniques and procedures (TTPs) and today are probably more dangerous than ever before, according to intelligence from Symantec. The ALPHV/BlackCat/Noberus operation – which Symantec tracks as Coreid (aka FIN7, Carbon Spider)…
Category: Commentaries and Analyses
Update: SERV Behavioral Health System Issues Notice of Breach
On August 6, DataBreaches reported that the Hive ransomware team claimed to have attacked SERV Behavioral Health System and encrypted SERV’s files on May 26. The listing was added to Hive’s site on July 14. SERV did not respond to email inquiries from DataBreaches in July. Time passed, but Hive never added any “proof pack”…
Scoop: VSS Medical Technology’s Terrible, Horrible, No Good, Very Bad Day
DataBreaches suspects that most readers would agree that getting hit by a ransomware gang qualifies your day as a very bad day. But how about getting hit by two different ransomware gangs on the same day? VSS Medical Technology and one of their companies, Sigmund Software, had what sounds like a terrible, horrible, no good,…
Vulnerability allows access to credentials in Microsoft Teams
Steve Zurier reports: Researchers on Tuesday reported that this past August they identified an attack path that lets malicious actors with file system access to steal credentials for any Microsoft Teams user who’s logged-on. In a Sept. 13 blog post, the Vectra Protect team said because attackers do not require elevated permissions to read these…
The Great Resignation linked to a great data theft
Ian Barker reports: We’ve all heard of the Great Resignation, a pandemic-driven shift in people’s work preferences. But new research from Cyberhaven suggests that this has gone hand-in-hand with a huge stealing of data. Based on anonymized details from over 1.4 million workers and spanning 360,000 data exfiltration incidents and a broad sample of companies, including…
Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses
IC3.gov PIN 20220914-001 14 September 2022 TLP: WHITE Summary The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare…