Simon Sharwood reports: Personal information describing names, addresses, bank account details, and taxation IDs of 38,000 Australian government employees has been leaked to the dark web after a ransomware attack. The treasurer of the Australian State of South Australia, Rob Lucas, today revealed the source of the leak: outsourced payroll provider Frontier Software. Read more at The…
Category: Malware
Ie: Hackers accessed HSE system eight weeks before cyber attack
Dyane Connor reports: The cyber attackers who hacked the Health Service Executive’s IT system, had accessed the system eight weeks before it detonated the malicious software, which caused devastating disruption across healthcare services. A report by PricewaterhouseCoopers (PwC) has found there were several “missed opportunities” after a phishing email was opened allowing the attacker access…
Canada Charges Its “Most Prolific Cybercriminal”
Brian Krebs fleshes out more about Matthew Philbert, the Canadian man arrested in Canada and charged in both the U.S. and Canada with a number of cybercrimes. Once again, Krebs provides a great example of solid research. Read his report at KrebsOnSecurity. Interestingly, Krebs ends his article with a comment that tends to agree with…
Hackers publish Vestas data following cyber attack
Sabina Weston reports: Hackers behind last month’s cyber attack on Vestas, the world’s largest wind turbine manufacturer, have published a portion of the compromised data online. That’s according to a statement published by the company, in which it advised customers and business partners to “stay vigilant” as there’s a possibility that their personal data may be misused. Read more at ITPro.
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Lawrence Abrams reports: In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. […] Today, Emotet research group Cryptolaemus warned that Emotet is now skipping their primary malware payload of TrickBot or Qbot and directly installing Cobalt Strike beacons on infected…
TN: Pellissippi State Community College impacted by ransomware attack
Monday, Pellissippi State Community College announced a network outage. On Tuesday, they announced that it was a ransomware attack: Pellissippi State Community College has determined that the network systems outage appears to be the result of a ransomware attack. At this time, the breadth of the incident is under investigation. The College has currently contained the matter and is working to…