Brian Krebs reports: Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. On Sept….
Category: Commentaries and Analyses
Magnolia Pediatrics notifies patients of a security incident after OCR tells them it’s reportable
Almost one year after Magnolia Pediatrics notified 11,000 patients about a ransomware attack on an unnamed IT vendor, they are now notifying more than 12,000 patients of another attack. This time, they wound up firing their vendor. According to a notification on their web site, on March 26, the Magnolia Pediatrics discovered a security incident….
How a Chinese malware gang defrauded Facebook users of $4 million
Catalin Cimpanu reports: At the Virus Bulletin 2020 security conference today, members of the Facebook security team have disclosed more details about one of the most sophisticated malware operations that has ever targeted Facebook users. Known internally at Facebook as SilentFade, this malware gang was active between late 2018 and February 2019, when Facebook’s security team detected their…
To hunt hackers, FBI works more closely with spy agencies
Christopher Bing reports: America’s top law enforcement agents and spies are teaming up under one roof as part of a new federal strategy to fight foreign hackers, senior FBI officials said in an interview. […] “We recognize that for too long some of our primary foreign adversaries have felt they can compromise U.S. networks, steal…
It takes hackers 1 minute to find and abuse credentials exposed on GitHub
Paul Bischoff reports on an issue DataBreaches.net and Jelle Ursem recently reported on: data being exposed because of code left in public repositories on GitHub (see our report about exposed protected health information in No Need to Hack When It’s Leaking). Bischoff writes that Comparitech researchers sought to find out how long it took hackers…
Yevgeniy Nikulin sentenced to 88 months for hacks of LinkedIn, Dropbox, and Formspring
More than two years after he was extradited from the Czech Republic where he was arrested in 2016 for hacking LinkedIn, Dropbox, and Formspring, Russian national Yevgeniy Nikulin was sentenced today to 88 months by Judge William Alsup in federal court in northern California. Nikulin, also known as “Chinabig01,” “dex.007, ” “valeriy.krutov3, and “itBlackHat,” had…