Cisco’s Talos writes: For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call “VPNFilter.” We have not completed our research, but recent events have convinced us that the correct…
Category: Malware
Update: LifeBridge Health notifying 500,000 patients of security incident
Remember that LifeBridge Health and LifeBridge Potomac Professionals malware incident noted on this site on May 16? Baltimore Sun reports that they are notifying 500,000. Ouch.
IN: Allied Physicians of Michiana report SamSam attack
South Bend Tribune reports: A local physicians network was the focus of a recent cyberattack that released ransomware into its network. According to a press release from Allied Physicians of Michiana CEO Shery Roussarie, the company became aware of the cyberattack on Thursday afternoon and immediately took steps to shut down the network in order…
Notice of Data Breach at blackphoenixalchemylab.com
Elizabeth Barrial of Black Phoenix Lab posted the following notice last night: Please forgive me for the time it took to publish this. I wanted to make sure we had all the facts before I posted, and I needed to ensure that I used the correct format for the notice as required by law. NOTICE…
LifeBridge Health and LifeBridge Potomac Professionals Notify Patients of a Recent Security Incident
From their press release: LifeBridge Health and LifeBridge Potomac Professionals announced today that it is sending letters to patients about a recent security incident involving patient information. On March 18, 2018, LifeBridge Health discovered that malware infected the server that hosts LifeBridge Potomac Professional’s electronic medical record, and LifeBridge Health’s patient registration and billing systems….
Shadowy Hackers Accidentally Reveal Two Zero-Days to Security Researchers
Catalin Cimpanu reports: An unidentified hacker group appears to have accidentally exposed two fully-working zero-days when they uploaded a weaponized PDF file to a public malware scanning engine. The zero-days were spotted by security researchers from Slovak antivirus vendor ESET, who reported the issues to Adobe and Microsoft, which in turn, had them patched within…