Joe Davies reports an update to the ransomware attack on Advanced that impacted the NHS 111 system: Hackers are holding an IT firm that supplies NHS trusts to ransom following a cyber attack last week, according to sources. Health bosses are concerned criminals have access to confidential health records and could leak them if their demands aren’t…
Category: Of Note
Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack
Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration – a firewall rule exposing Remote Desktop Protocol (RDP) on a management server – but used different ransomware strains and tactics. The first ransomware…
Former Twitter Employee Found Guilty of Acting as an Agent of a Foreign Government and Unlawfully Sharing Twitter User Information
A federal jury yesterday convicted a former Media Partnerships Manager for the Middle East/North Africa (MENA) region at Twitter of acting as a foreign agent without notice to the Attorney General, conspiracy, wire fraud, international money laundering, and falsification of records in a federal investigation. The verdict follows a two-week trial before the Honorable Senior…
FBI raids Trump’s Mar-a-Lago
Rebecca Beitsch and Harper Neidig report: The FBI executed a search warrant on former President Trump’s home in Florida on Monday, the ex-president said, lashing out at law enforcement for what he called “political persecution.” “My beautiful home Mar A Lago in Palm Beach, Florida is currently under siege, raided and occupied by a large group of…
Class Action Targets Experian Over Account Security
Brian Krebs reports: A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that identity thieves were able to assume control over existing Experian accounts…
Microsoft accounts targeted with new MFA-bypassing phishing kit
Bill Toulas reports: A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign’s goal is to breach corporate accounts to conduct BEC (business email compromise) attacks, diverting payments to bank accounts under their control using falsified documents. The phishing campaign’s…