Zack Whittaker report: Citizen Lab researchers say they have found evidence that dozens of journalists had their iPhones silently compromised with spyware known to be used by nation states. For more than the past year, London-based reporter Rania Dridi and at least 36 journalists, producers and executives working for the Al Jazeera news agency were targeted…
Category: Malware
DoppelPaymer dumps data from public school districts in Mississippi and Montana
Why ransomware threat actors go after small school districts with few resources still puzzles me. The districts may be “low-hanging fruit” from a security perspective, but they generally do not have the resources to pay big ransom demands. So why target them? My puzzlement notwithstanding, a number of ransomware teams do attack k-12 districts. DoppelPaymer…
GenRx Pharmacy Breach Notice Shows How to Do It Right
This may be one of the best breach notifications I have ever read — for its plain language, clarity, and lack of attempt to spin. Not only did these folks respond promptly to an attack, but they had usable backups, stopped the attack quickly, and just…. handled this so well, it seems. Maybe they didn’t…
Ransomware attackers are making threatening phone calls to their victims, warns FBI
Catalin Cimpanu reports that ransomware threat actors are doing more than just calling their victims on the phone (as previously reported on this site and by ZDNet). Now at least one of the groups, DoppelPaymer, are allegedly threatening them. The incidents have been happening since February 2020, the FBI said in a PIN (private industry notification)…
FR: Services in Évreux and the agglomeration shut down after cyberattack
Laurent Philippot reports that the City of Evreux and the Évreux Portes de Normandie became victims of a ransomware attack about a week ago. At the present time, they locked down their systems to keep the attacker out, but that means that phones and internet are degraded or not working at this time. The mayor…
Microsoft says it identified 40+ victims of the SolarWinds hack, and more bad news…
Catalin Cimpanu reports: Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built…