Rob McMillan reports: More than two weeks after the San Bernardino County Sheriff’s Department was hit with a cyberattack, the department is still working to get all of its systems back online. Multiple sources have told Eyewitness News that the hack likely started after someone clicked a hyperlink that was malicious, and that suddenly encrypted…
Category: Malware
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Update: On April 28, Yellow Pages issued a breach notification to employees affected by the breach. The notification reports that the types of information involved varied by individual and may have included name, email address, postal address, Social Insurance Number (where applicable), bank account information, emergency contact information, salary information, and date of birth. For…
Naivas Supermarket’s System Hacked, Data Stolen
Wycliffe Musalia reports that Kenya’s Naivas supermarket chain in Kenya has been the victim of a ransomware incident, but the chain assures customers that certain customer data such as payment card data was never at risk because it is not stored on their system. From the news report, it sounds like the company notified law…
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Bits ‘n Pieces (Trozos y Piezas)
Cementos Bío-Bío S.A attacked by BlackByte Cementos Bio-Bio S.A, a Chilean cement company, was added to BlackBye’s leaks site on April 9. DataBreaches found no notice of any incident on the main cbb.cl website, but the cbbexpress.cl customer portal had a notice about interruptions: “At this time we are having intermittencies with our services. If…
Ex-Conti members and FIN7 devs team up to push new Domino malware
Lawrence Abrams reports: Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named ‘Domino’ in attacks on corporate networks. Domino is a relatively new malware family consisting of two components, a backdoor named ‘Domino Backdoor,’ which in turn drops a ‘Domino Loader’ that injects an info-stealing malware…