Guenni reports: [German] CompuGroup Medical SE & Co. KGaA, a major medical services provider, has been the victim of a cyberattack. The Koblenz-based medical services provider admitted as much on Monday, Dec. 20, 2021. The internal IT systems are likely affected, which should affect some doctors, pharmacies, labs and clinics if they want to contact the…
Category: Malware
Oops, did we miss these education sector breaches for k-12?
Came across these today while researching something else, so I thought I would just list them here for those who track k-12 breaches. Coffeyville School District in Kansas had a data security incident in July of 2020 that they detected in August of 2020. Their notification letter of February 2021 indicates that names and SSN…
Ca: Big White issues data breach alert
David Wylie reports: A potential data breach due to possible malware on Big White’s servers has prompted an alert from the resort’s CEO. In an email sent Monday to all vendors and suppliers to Big White, including the resort’s utilities, president and CEO of Big White Peter Plimmer said the company’s servers experienced “an unauthorized…
HSE given stolen data, including medical records, taken by criminals during cyber attack in May
Eilish O’Regan reports: The HSE has been given stolen data, including medical records, obtained by criminals during the May cyber attack, it emerged today. The material was given to the HSE by the Garda National Cyber Crime Bureau who received it from the Department of Justice in the United States under a Mutual Legal Assistance…
A reset on ransomware: Dominant variants differ from prior years
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago. Yet, even with the shift in the variants,…
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Vitali Kremez & Yelisey Boguslavskiy write: This redacted report is based on our actual proactive victim breach intelligence and subsequent incident response (not a simulated or sandbox environment) identified via unique high-value Conti ransomware collections at AdvIntel via our product “Andariel.” This is a redacted TLP:WHITE version of the larger AdvIntel findings. Read their report…