Kenny Chee reports: A ransomware attack earlier this month has affected the personal data and clinical information of nearly 73,500 patients of a private eye clinic, the third such reported incident in a month. The information included names, addresses, identity card numbers, contact details and clinical information such as patients’ clinical notes and eye scans,…
Category: Malware
Advisories are published, but are enough entities reading them and taking precautions?
Three advisories have been released this week about threat actor groups. One involves ALTDOS, one involves HIVE, and one involves the “OnePercent Group,” whose name may not sound familiar to many. ALTDOS (Joint Advisory): It appears that ALTDOS is getting some serious attention from Singapore’s CSA and other agencies in Singapore. These threat actors who…
AZ: 200 Kingman residents affected by city’s cyber attack; cause still not determined
AP reports: A recent investigation into a massive cyberattack against the city of Kingman shows that up to 200 residents had their personal information breached, yet the city still can’t explain how their system was infiltrated. Kingman city officials said the completed investigation revealed that a “limited number” of residents’ information was affected by the…
Update on Eskenazi Health Cyber Incident
Eskenazi has issued an updated notice about their security incident. They talk about “if they find” PII or PHI, but the reality is that this site already saw and reported that there was such information in the data dumped by Vice Society. From this site’s perspective, the only question is how many employees and patients…
Pysa threat actors’ script shows exactly the files they’re after
Lawrence Abrams reports: A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. […] Yesterday, MalwareHunterTeam shared a PowerShell script with BleepingComputer used by the Pysa ransomware operation to search for and exfiltrate data from a server. This script is designed…
Hacking group nicknamed SparklingGoblin is accused of stealing usernames and IP addresses from US computer retailer and Canadian schools
Adam Manno reports: A hacking group has targeted the networks of US media and retail companies to gather usernames and IP addresses, according to research from an antivirus company. Slovakia-based cybersecurity company Eset has identified a ‘backdoor’ used by a group it calls SparklingGoblin to enter firms’ supposedly secure servers, according to a post on the company’s…