Eilish O’Regan reports: The HSE has been given stolen data, including medical records, obtained by criminals during the May cyber attack, it emerged today. The material was given to the HSE by the Garda National Cyber Crime Bureau who received it from the Department of Justice in the United States under a Mutual Legal Assistance…
Category: Malware
A reset on ransomware: Dominant variants differ from prior years
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago. Yet, even with the shift in the variants,…
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Vitali Kremez & Yelisey Boguslavskiy write: This redacted report is based on our actual proactive victim breach intelligence and subsequent incident response (not a simulated or sandbox environment) identified via unique high-value Conti ransomware collections at AdvIntel via our product “Andariel.” This is a redacted TLP:WHITE version of the larger AdvIntel findings. Read their report…
US federal agency compromised in suspected APT attack
Catalin Cimpanu reports: A sophisticated threat actor has gained access and has backdoored the internal network of a US federal government agency, antivirus maker Avast reported this week. The security firm did not name the agency in its report, but The Record understands that the target of the attack was the United States Commission on International Religious Freedom (USCIRF)….
Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment
Simon Elvery, Emily Sakzewski, and Matt Liddy report: The personal details of job applicants and staff at a range of major Australian companies and government agencies have potentially been exposed in a “significant” data breach and extortion attempt against Australian recruitment company Finite. Hackers have accessed and released sensitive data that includes resumes, offers of employment,…
McMenamins hit by ransomware attack; chain says customer data appears secure but employee info at risk
Mike Rogoway reports: Portland hotel and brewpub chain McMenamins has been hit by a ransomware attack that left many of its computer systems inoperable. Intruders may have accessed some of its employee records, the company said Wednesday night, but appear to have left customer data untouched. McMenamins said it identified and blocked the attack on…