One of the newer incidents appearing on HHS’s public breach tool this week is a report from Mind & Motion, LLC in Georgia. Mind & Motion offers various types of therapeutic modalities. On September 30th, 2018, they discovered that their server had been attacked with ransomware. In a notification to patients, they write: We have…
Category: Malware
Ticketmaster tells customer it’s not at fault for site’s Magecart malware pwnage
From the maybe-if-we-just-say-it’s-not-our-fault? dept, Gareth Corfield reports: Ticketmaster is telling its customers that it wasn’t to blame for the infection of its site by a strain of the Magecart cred-stealing malware – despite embedding third-party Javascript into its payments page. In a letter to Reg reader Mark, lawyers for the controversy-struck event ticket sales website said that Ticketmaster “is…
Over 40,000 credentials for government portals found online
Catalin Cimpanu reports: A Russian cyber-security firm says it discovered login credentials for more than 40,000 accounts on government portals in more than 30 countries. The data includes usernames and cleartext passwords, and the company believes they might be up for sale on underground hacker forums. Alexandr Kalinin, head of Group-IB’s Computer Emergency Response Team…
University of Maryland Medical System investigating malware attack
Sarah Meehan reports: The University of Maryland Medical System is investigating a malware attack on its computer system that occurred early Sunday, according to the hospital network. A ransomware-style attack affected about 250 of the hospital system’s 27,000 devices, said Jon Burns, the hospital system’s senior vice president and chief information officer. Because the group’s…
North Korea-linked Hackers Target Academic Institutions
Ionut Arghire reports: A threat group possibly originating from North Korea has been targeting academic institutions since at least May of this year, NetScout’s security researchers reveal. The attackers use spear-phishing emails that link to a website where a lure document attempts to trick users into installing a malicious Google Chrome extension. Following initial compromise,…
Those annoying sextortion scams are redirecting users to GandCrab ransomware now
Okay, I tend to laugh at the sextortion emails and have tweeted or posted some of them at times, usually after I check the referenced BTC wallet to see if anyone actually fell for the scam and paid. But Catalin Cimpanu reports on a new – and important – development: This past week, users in…