There is a new Joint Cybersecurity Advisory issued today. This one is about Snatch Team. Summary: The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency(CISA) are releasing this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant identified through FBI investigations as recently as June…
Category: Hack
More victims of MOVEit breach are revealed: Nuance discloses for covered entities (UPDATE 1)
Add yet one more business associate to those affected by the Clop attack on Progress Software MOVEiT. Nuance has disclosed that it was affected by the May attacks. Although no number was revealed, the Microsoft-owned technology firm stated it was disclosing on behalf of: Atrium Health, the Charlotte-based health care system giant. Catawba Valley Medical…
“I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker “USDoD” Unveils His New Campaigns
The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept security…
AlphV responds to MGM incident and sloppy reporting
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors were…
Identity of NSA hacker behind cyberattack on China’s leading aviation university identified; to be disclosed in due course: source
Yuan Hong reports: During the investigation of the cyberattack against Northwestern Polytechnical University (NPU), a leading Chinese aviation university, China has successfully extracted multiple samples of the spyware named SecondDate, and with the collaborative efforts of partners in various countries, the real identity of the US’ National Security Agency (NSA) personnel responsible for launching the…
MGM and Caesars Hacked by Same Group in Span of a Few Weeks
William Turton, Christopher Palmeri, and Katrina Manson report: MGM Resorts International was hacked by the same group of attackers that breached Caesars Entertainment Inc. weeks earlier, according to four people familiar with the matter. The hackers demanded a ransom from MGM, according to two of the people. It wasn’t immediately clear how much ransom was requested or if…