The FBI has issued a Flash Alert about Conti. Summary The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations…
Category: Commentaries and Analyses
Update: Rehoboth Mckinley Christian Health Care Services notified 209,000 patients of February ransomware incident
On February 16, DataBreaches.net reported that Conti threat acctors had apparently attacked Rehoboth Mckinley Christian Health Care Services, Inc (RMCHCS) in New Mexico. As it has done in similar attacks, the threat actors dumped a small sample of files as proof. The files include copies of handwritten injury reports and other reports related to named individuals’…
Data of 100+ million Android users exposed via misconfigured cloud services
Ionut Ilascu reports: Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources. Read more…
Look how many cybercriminals love Cobalt Strike
From Intel471: Since its release in 2012, Cobalt Strike has been one of the most popular tools for penetration testers to use when simulating how known threat actor tools will look when targeting an organization’s network. However, there is a downside to that popularity: the criminals love it, too. And if they are using it,…
The Full Story of the Stunning RSA Hack Can Finally Be Told
Andy Greenberg reports: AMID ALL THE sleepless hours that Todd Leetham spent hunting ghosts inside his company’s network in early 2011, the experience that sticks with him most vividly all these years later is the moment he caught up with them. Or almost did. It was a spring evening, he says, three days—maybe four, time had…
Colonial Pipeline confirms it paid $4.4 million to hackers
Cathy Bussewitz of AP reports: The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything…