It is the kind of story destined for big headlines. The Yanluowang group announced today that they had attacked CISCO. But instead of them controlling the story, CISCO seems to have immediately taken control. The threat actors, who appear not to be a fan of Grammarly, posted a directory of Drive C: on their leak…
Category: Commentaries and Analyses
The SEC’s cyberattack reporting rules are seeing fierce opposition. CISA is poised to do better.
Kyle Alspach reports: As the chief information security officer of a large, publicly traded tech company, Drew Simonis has been keeping a close eye on the SEC’s proposed rules to require reporting of major cyberattacks. Simonis, who works at Juniper Networks, has some serious concerns shared by many executives in U.S. private industry. Some of the proposed…
Snapchat, Amex sites abused in Microsoft 365 phishing attacks
Sergiu Gatlan reports: Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. Open redirects are web app weaknesses that allow threat actors to use the domains of trusted organizations and websites as temporary landing pages to simplify phishing attacks. Read more at…
BHG Behavioral Health Group recently notified patients of a December 2021 breach
If you know to scroll down on BHG Behavioral Health Group‘s website to their footer, you will see a small link to an undated data security incident notice. That undated notice does not reveal when Behavioral Health Group first discovered the data security incident or how they first discovered it. The notice does state, however,…
New GwisinLocker ransomware encrypts Windows and Linux ESXi servers
This site generally doesn’t cover or announce new types of ransomware, but this one targets the healthcare sector, so…. Bill Toulas reports: A new ransomware family called ‘GwisinLocker’ targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. The new malware is…
Roundup: Four more breaches in the healthcare sector: Healthback Holdings, Zenith American Solutions, Bronx Accountable Healthcare Network, and Centerstone
On June 1, Healthback Holdings, LLC in Oklahoma discovered that they had been subject to a hacking incident that began in October 2021. “A limited number” of employee accounts were compromised. On July 29, Healthback notified HHS that 21,114 patients were affected. Their notice says that names, health insurance information, Social Security numbers, and clinical…