Almost one year after Magnolia Pediatrics notified 11,000 patients about a ransomware attack on an unnamed IT vendor, they are now notifying more than 12,000 patients of another attack. This time, they wound up firing their vendor. According to a notification on their web site, on March 26, the Magnolia Pediatrics discovered a security incident….
Category: Commentaries and Analyses
How a Chinese malware gang defrauded Facebook users of $4 million
Catalin Cimpanu reports: At the Virus Bulletin 2020 security conference today, members of the Facebook security team have disclosed more details about one of the most sophisticated malware operations that has ever targeted Facebook users. Known internally at Facebook as SilentFade, this malware gang was active between late 2018 and February 2019, when Facebook’s security team detected their…
To hunt hackers, FBI works more closely with spy agencies
Christopher Bing reports: America’s top law enforcement agents and spies are teaming up under one roof as part of a new federal strategy to fight foreign hackers, senior FBI officials said in an interview. […] “We recognize that for too long some of our primary foreign adversaries have felt they can compromise U.S. networks, steal…
It takes hackers 1 minute to find and abuse credentials exposed on GitHub
Paul Bischoff reports on an issue DataBreaches.net and Jelle Ursem recently reported on: data being exposed because of code left in public repositories on GitHub (see our report about exposed protected health information in No Need to Hack When It’s Leaking). Bischoff writes that Comparitech researchers sought to find out how long it took hackers…
Yevgeniy Nikulin sentenced to 88 months for hacks of LinkedIn, Dropbox, and Formspring
More than two years after he was extradited from the Czech Republic where he was arrested in 2016 for hacking LinkedIn, Dropbox, and Formspring, Russian national Yevgeniy Nikulin was sentenced today to 88 months by Judge William Alsup in federal court in northern California. Nikulin, also known as “Chinabig01,” “dex.007, ” “valeriy.krutov3, and “itBlackHat,” had…
Security lapse exposes hundreds of addresses of Minnesotans infected with COVID-19
Jay Kolls reports: In April, Gov. Tim Walz signed an executive order allowing the Minnesota Department of Health and the Minnesota Department of Public Safety to share addresses of COVID-19 patients with first responders across Minnesota. The governor imposed strict guidelines for sharing those addresses to protect the identity of Minnesotans with COVID-19. MDH and…