Summary of Alert: The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS) (hereafter referred to as the authoring organizations) are releasing this joint advisory to disseminate known RansomHub ransomware IOCs and TTPs. These have…
Category: Commentaries and Analyses
US agencies warn against ransomware group behind hundreds of attacks in recent months
Jonathan Greig reports: More than 210 organizations have dealt with ransomware attacks launched by the RansomHub group since February, according to an advisory from several U.S. cybersecurity agencies. The FBI joined the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Health and Human Services (HHS) in publishing an advisory on Thursday about RansomHub — which has…
National Public Data’s response to an opt-out request
Last night, DataBreaches received an alert from Experian Identity Works that my Social Security number had shown up in its dark web surveillance. There were three entries where it had shown up last week. All three related to the massive National Public Data breach and leak. But looking at the three entries, I noted that…
American Radio Relay League paid $1 million ransom payment
ARRL is the national association for Amateur Radio in the US. Founded in 1914 by Hiram Percy Maxim as The American Radio Relay League, ARRL is a noncommercial organization of radio amateurs. ARRL numbers within its ranks the vast majority of active radio amateurs in the nation and has a proud history of achievement as the standard-bearer in amateur affairs. ARRL’s…
Microsoft security tools questioned for treating employees as threats
Thomas Claburn reports: Software designed to address legitimate business concerns about cyber security and compliance treats employees as threats, normalizing intrusive surveillance in the workplace, according to a report by Cracked Labs. The report, titled “Employees as Risks” – released today by the Vienna-based non-profit – explores software from Microsoft and formerly from Forcepoint – specifically…
Hacker known as “USDoD” who stole 3 billion US data records: doxxed and Brazilian
The following is a Google machine translation of an article by TecMundo: The top cybersecurity news story in the United States in August involved the leak of 2.7 billion Social Security numbers , similar to social security numbers. The cybercriminal group that claimed responsibility for the attack is USDoD , which is also known for hacking into companies around…