Jared Serbu reports: Another big federal agency has apparently escaped unscathed from the SolarWinds hack. Leaders from the Department of Veterans Affairs told Congress on Thursday they are now confident that none of their data was compromised, even though the company’s Orion system had a prominent presence throughout VA’s IT networks. Read more on Federal…
Category: Commentaries and Analyses
FBI: Conti Ransomware Attacks Impact Healthcare and First Responder Networks
The FBI has issued a Flash Alert about Conti. Summary The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations…
Update: Rehoboth Mckinley Christian Health Care Services notified 209,000 patients of February ransomware incident
On February 16, DataBreaches.net reported that Conti threat acctors had apparently attacked Rehoboth Mckinley Christian Health Care Services, Inc (RMCHCS) in New Mexico. As it has done in similar attacks, the threat actors dumped a small sample of files as proof. The files include copies of handwritten injury reports and other reports related to named individuals’…
Data of 100+ million Android users exposed via misconfigured cloud services
Ionut Ilascu reports: Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources. Read more…
Look how many cybercriminals love Cobalt Strike
From Intel471: Since its release in 2012, Cobalt Strike has been one of the most popular tools for penetration testers to use when simulating how known threat actor tools will look when targeting an organization’s network. However, there is a downside to that popularity: the criminals love it, too. And if they are using it,…
The Full Story of the Stunning RSA Hack Can Finally Be Told
Andy Greenberg reports: AMID ALL THE sleepless hours that Todd Leetham spent hunting ghosts inside his company’s network in early 2011, the experience that sticks with him most vividly all these years later is the moment he caught up with them. Or almost did. It was a spring evening, he says, three days—maybe four, time had…