Catalin Cimpanu reports: .. in a report published today and shared with ZDNet, the security team at KPN, a Dutch telecommunications provider, said it was able to sinkhole and intercept the communications between REvil-infected computers and the REvil ransomware’s command-and-control (C&C) servers. KPN researchers say this allowed them to obtain unique insights into the operations of the…
Category: Malware
Georgia’s state agencies nearly recovered from last July’s Ryuk attack
Maggie Lee reports: About six months later and $750,000 poorer, Georgia is nearly back to normal after online attacks that blocked law enforcement officers and the public from accessing electronic records used to settle legal questions. But the money went to pay cyberattack insurance deductibles, not ransoms. Read more on Georgia Recorder.
SC: Tidelands Health named in class action lawsuit after December ransomware attack
Andrew James reports on a ransomware attack on a South Carolina system that has yet to show up on HHS’s public breach tool: The impacts of the December 12 cyberattack on the Tidelands Health Hospital System are unclear, but what is clear is that patients feel they were victimized as a result of negligence. A…
Magecart gang arrested in Indonesia
Catalin Cimpanu reports: Interpol and Indonesian police have arrested three men on suspicion of being part of a cybercrime group engaged in Magecart attacks. […] The suspects were only identified by their initials: ANF (27 years), K (35 years), and N (23 years), from he regions of Jakarta and Yogyakarta. Read more on ZDNet.
We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw
Graham Cluley writes: About two weeks ago alarm bells rang over a newly-discovered (and unpatched) flaw in Citrix servers. The vulnerability, technically dubbed CVE-2019-19781 but also known as “Shitrix”, was found to be present on Citrix Application Delivery Controller and Citrix Gateway servers (formerly known as Netscaler ADC and Netscaler Gateway respectively) commonly used on corporate networks. Then we…
If states would only require — and then engage in — more transparency on breaches
Years ago, I had hoped more states would require breach notifications to central offices and that states would then share those reports with the public, much as New Hampshire had done. But things haven’t really become more transparent. Maryland and California remain positive examples of transparency, but New Hampshire’s site, while still available, has lost…