Bill Toulas reports: A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign’s goal is to breach corporate accounts to conduct BEC (business email compromise) attacks, diverting payments to bank accounts under their control using falsified documents. The phishing campaign’s…
Category: Of Note
New York DFS Fines Robinhood $30M for “Significant” Cybersecurity Violations
Linn F. Freedman of Robinson + Cole writes: The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform this week, with a whopping $30 million fine assessed against Robinhood Crypto, LLC (RHC) for what it described as “significant failures in the areas of bank secrecy act/anti-money laundering obligations and cybersecurity…
Update: Goodman Campbell Brain and Spine ransomware incident affected 362,833 patients and employees
On June 9, DataBreaches reported that Goodman Campbell Brain & Spine in Indiana had apparently become a ransomware victim of Hive threat actors on or about May 20. The threat actors added the medical practice to their dedicated leak site on June 8 and leaked a “proofpack” that contained passwords for accounts as well as…
First Choice Community Healthcare discloses breach but doesn’t reveal it was a ransomware attack
First Choice Community Healthcare (FCCH) is a non-profit healthcare system in New Mexico providing a range of services to the community. In a press release issued today, they describe a security incident that they discovered on March 27, 2022. The notice is also posted on their website. Their notice talks about how the incident “may…
Crypto Bridge Nomad Drained of Nearly $200 Million in Exploit
Sidhartha Shukla reports: Nomad, a bridge protocol for transferring crypto tokens across different blockchains, lost close to $200 million in a security exploit on Monday, according to security firm PeckShield Inc. The software system was drained of funds over hours and in small batches by various accounts, blockchain data shows. Read more at Bloomberg.
Brisbane man arrested for distributing spyware to thousands of cyber criminals since age 15
Jimmy Pezzone reports: An Australian man was arrested for allegedly creating and distributing a hacking tool to thousands of cyber criminals worldwide. The 24-year-old hacker is charged with creating and selling a remote access trojan designed to steal personal information and spy on unsuspecting targets. The virus creator made over $300,000 selling the tool, most…