It’s gotten impossible to keep up with all the attacks, but here are some in the news today: North American food importer Atalanta revealed that employee information was involved in a ransomware attack. Their statement. Media coverage. Hellmann Worldwide Logistics in Germany was also hit by an attack that has impaired operations. Their statement and…
Category: Malware
Ransomwared payroll provider leaks data on 38,000 Australian government workers
Simon Sharwood reports: Personal information describing names, addresses, bank account details, and taxation IDs of 38,000 Australian government employees has been leaked to the dark web after a ransomware attack. The treasurer of the Australian State of South Australia, Rob Lucas, today revealed the source of the leak: outsourced payroll provider Frontier Software. Read more at The…
Ie: Hackers accessed HSE system eight weeks before cyber attack
Dyane Connor reports: The cyber attackers who hacked the Health Service Executive’s IT system had accessed the system eight weeks before it detonated the malicious software, which caused devastating disruption across healthcare services. A report by PricewaterhouseCoopers (PwC) has found there were several “missed opportunities” after a phishing email was opened allowing the attacker access…
Canada Charges Its “Most Prolific Cybercriminal”
Brian Krebs fleshes out more about Matthew Philbert, the Canadian man arrested in Canada and charged in both the U.S. and Canada with a number of cybercrimes. Once again, Krebs provides a great example of solid research. Read his report at KrebsOnSecurity. Interestingly, Krebs ends his article with a comment that tends to agree with…
Hackers publish Vestas data following cyber attack
Sabina Weston reports: Hackers behind last month’s cyber attack on Vestas, the world’s largest wind turbine manufacturer, have published a portion of the compromised data online. That’s according to a statement published by the company, in which it advised customers and business partners to “stay vigilant” as there’s a possibility that their personal data may be misused. Read more at ITPro.
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Lawrence Abrams reports: In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. […] Today, Emotet research group Cryptolaemus warned that Emotet is now skipping their primary malware payload of TrickBot or Qbot and directly installing Cobalt Strike beacons on infected…