David Wylie reports: A potential data breach due to possible malware on Big White’s servers has prompted an alert from the resort’s CEO. In an email sent Monday to all vendors and suppliers to Big White, including the resort’s utilities, president and CEO of Big White Peter Plimmer said the company’s servers experienced “an unauthorized…
Category: Malware
HSE given stolen data, including medical records, taken by criminals during cyber attack in May
Eilish O’Regan reports: The HSE has been given stolen data, including medical records, obtained by criminals during the May cyber attack, it emerged today. The material was given to the HSE by the Garda National Cyber Crime Bureau who received it from the Department of Justice in the United States under a Mutual Legal Assistance…
A reset on ransomware: Dominant variants differ from prior years
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago. Yet, even with the shift in the variants,…
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Vitali Kremez & Yelisey Boguslavskiy write: This redacted report is based on our actual proactive victim breach intelligence and subsequent incident response (not a simulated or sandbox environment) identified via unique high-value Conti ransomware collections at AdvIntel via our product “Andariel.” This is a redacted TLP:WHITE version of the larger AdvIntel findings. Read their report…
US federal agency compromised in suspected APT attack
Catalin Cimpanu reports: A sophisticated threat actor has gained access and has backdoored the internal network of a US federal government agency, antivirus maker Avast reported this week. The security firm did not name the agency in its report, but The Record understands that the target of the attack was the United States Commission on International Religious Freedom (USCIRF)….
Coles, Westpac, AMP and Department of Defence caught up in ‘significant’ data breach of Finite Recruitment
Simon Elvery, Emily Sakzewski, and Matt Liddy report: The personal details of job applicants and staff at a range of major Australian companies and government agencies have potentially been exposed in a “significant” data breach and extortion attempt against Australian recruitment company Finite. Hackers have accessed and released sensitive data that includes resumes, offers of employment,…