HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.
Category: Of Note
Bankrupt Crypto Lender Celsius Reveals Thousands of Users’ Transaction Histories in Court Filing
Will McCurdy reports: Troubled crypto lender Celsius has revealed the names and transaction history of hundreds of thousands of its customers in a court filing. The 14,500-page long document contained information such as customer names, crypto wallet IDs, transaction types and amounts, which services the customer had used, and the types and quantities of tokens held. Read…
Albania weighed invoking NATO’s Article 5 over Iranian cyberattack
Maggie Miller reports: Albania was hit by cyberattacks earlier this year so debilitating that the government considered invoking a NATO declaration that could have pulled all member states into confrontation with Iran, Prime Minister Edi Rama said. It would have been the first time a NATO member state used a cyberattack to invoke Article Five…
Former Uber security chief found guilty of covering up data breach
Maria Dinzeo reports: In a verdict with far-reaching implications for security chiefs nationwide, a federal jury convicted Uber’s former head of security Joe Sullivan on Wednesday of concealing a 2016 data breach from authorities and obstructing an investigation by the Federal Trade Commission into Uber’s security practices. Sullivan had only been on the job a…
Netwalker Affiliate, Sebastian Vachon-Desjardins, Sentenced to 20 years in prison
A Canadian man was sentenced to 20 years in prison and ordered to forfeit $21,500,000 today for his role in NetWalker ransomware attacks. The Court will order restitution at a later date. According to court documents, Sebastian Vachon-Desjardins, 35, of Gatineau, Quebec, participated in a sophisticated form of ransomware known as NetWalker. NetWalker ransomware has…
Meta settles lawsuit for ‘significant’ sum against businesses scraping Facebook and Instagram data
Sarah Perez and Zack Whittaker report: Facebook parent Meta has settled a lawsuit in the U.S. against two companies that had engaged in data scraping operations, which had seen them gathering data from Facebook and Instagram users for marketing intelligence purposes, according to the original complaint filed in October 2020. The companies named in the suit, Israeli-based BrandTotal…