Phil Muncaster reports: Security experts have warned victims of sophisticated cyber-attacks not to think of intrusions as a one-off event, as a majority of organizations end up getting hit again within the year. CrowdStrike compiled an analysis of its own incident response and managed services engagements in 2020, to produce the CrowdStrike Services Cyber Front Lines Report….
Category: Commentaries and Analyses
NEW CISA Alert: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Alert (AA20-345A) SUMMARY: This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the…
Cedar Springs Hospital notifies patients of breach after state loses drive with patient data
Yesterday, Cedar Springs Hospital in Colorado issued a press release about an incident that involved the state. They explain: Cedar Springs Hospital recently received a request from its licensing agency, the Colorado Department of Public Health & Environment (“CDPHE”), for certain hospital records. As a licensed healthcare provider, Cedar Springs Hospital is subject to periodic…
Hackers are selling more than 85,000 SQL databases on a dark web portal
Update: To read the original research report on the threat actors and sale/auction on the dark web, see this report by Guardicore. Catalin Cimpanu reports: More than 85,000 SQL databases are currently on sale on a dark web portal for a price of only $550/database. The portal, brought to ZDNet‘s attention earlier today by a security…
Hacking Group Dropping Malware Via Facebook, Cloud Services
Akshaya Asokan reports: “Molerats,” an Arabic-speaking advanced persistent threat group that has been targeting victims mainly in the Middle East for several years, is now abusing Facebook accounts, as well as other cloud-based platforms, to deploy previously undocumented malware as part of an ongoing espionage campaign, according to security firm Cybereason. The hacking group, which is…
KR: Telecom LG U+ fined as a third party downloads and sells customer data
Korea JoongAng Daily reports: LG U+ was hit with 21.6 million won ($20,000) in government fines for a failure to secure customer data, which led to a massive breach and unauthorized sharing of sensitive information. The Personal Information Protection Commission (PIPC) announced Wednesday that it imposed a total of 75 million won in fines on…