Jonathan Greig reported: Telecommunications giant AT&T denied any connection to a database of stolen information that included the Social Security numbers of 23 million Americans. First reported by Brian Krebs, Milwaukee cybersecurity company Hold Security said it found a 3.6 GB file on a dark web platform that contained Social Security numbers and information belonging to…
Category: Commentaries and Analyses
Judge Investigates Alex Jones’ Legal Team After Sandy Hook Medical Records Are Leaked
Mary Papenfuss reports: The judge in a Sandy Hook defamation lawsuit against far-right conspiracy podcaster Alex Jones has launched an investigation of his legal team after the medical records of school parents were leaked. Medical and psychiatric records of some parents and relatives of the children killed in the 2012 mass shooting at Sandy Hook Elementary in…
CISA Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Zeppelin ransomware IOCs and TTPs associated with ransomware variants identified through FBI investigations as recently as 21 June 2022. The FBI and CISA encourage organizations to implement the recommendations in the Mitigations section…
Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack
Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration – a firewall rule exposing Remote Desktop Protocol (RDP) on a management server – but used different ransomware strains and tactics. The first ransomware…
CISCO got hit… and immediately took control of the story
It is the kind of story destined for big headlines. The Yanluowang group announced today that they had attacked CISCO. But instead of them controlling the story, CISCO seems to have immediately taken control. The threat actors, who appear not to be a fan of Grammarly, posted a directory of Drive C: on their leak…
The SEC’s cyberattack reporting rules are seeing fierce opposition. CISA is poised to do better.
Kyle Alspach reports: As the chief information security officer of a large, publicly traded tech company, Drew Simonis has been keeping a close eye on the SEC’s proposed rules to require reporting of major cyberattacks. Simonis, who works at Juniper Networks, has some serious concerns shared by many executives in U.S. private industry. Some of the proposed…