Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration – a firewall rule exposing Remote Desktop Protocol (RDP) on a management server – but used different ransomware strains and tactics. The first ransomware…
Category: Malware
$8 Million Multistate Settlement Resolves 2019 Waa Data Breach Investigation
Kirk Nahra and Amy Gopinathan of Wilmer Hale write: State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On July 26, 2022, Acting New Jersey Attorney General Matthew J. Platkin announced that New Jersey is co-leading an $8 million multistate settlement with Wawa, Inc. (Wawa)…
Malware attacks reported by three Japanese entities
Two of the following incidents occurred in June; the first one is recent: WDB Holdings Co. Ltd confirms ransomware attack WDB Group (WDB Holdings) issued the following statement on August 2: Since August 1, 2022, we have been experiencing an issue that prevents us from accessing the mail system and file servers of our group’s…
SCOOP: ista International takes systems offline in wake of ransomware attack; Daixin Team claims thousands of servers encrypted
ista International GmbH is a multinational company that manages data and processes that make buildings climate-friendly, safe and comfortable. As they describe themselves: We see the future of our success in the Internet of Things (IoT). Very soon billions of devices will talk directly to each other. This communication will largely take place in and…
Argentinian health services plan hit by LockBit
On June 27, Clarin reported that OSDE had suffered a cyberattack on June 25. OSDE is a network of medical care services and providers in Argentina. People can enroll in pre-paid health plans and contact OSDE online when they need medical attention or assistance. According to its site, OSDE currently has over 2 million members,…
Update: Colosseum Dental Benelux pays ransom to threat actors
Updating the story concerning Colosseum Dental Benelux reported yesterday, Yannick Spinner reports (machine translated): The umbrella company, in its own words, had no choice but to pay the criminals: “Caring for our patients is our top priority and prompted Colosseum Dental to contact the cyber attackers and make agreements about the return and security of our…