Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…
Category: Of Note
North Korean hackers behind $600 million crypto heist – FBI; spying on South Korean chemical sector firms – Symantec
Ameya Paleja reports: Cyber actors such as the Lazarus Group and APT38, from North Korea, have been confirmed by the Federal Bureau of Investigation (FBI) to be involved in the $600-million crypto-heist that took place last month, the investigation agency said in a press release. Earlier this year, we had reported that North Korean cybercriminals made…
Patients increasingly suing hospitals over data breaches
Jeff Lagasse reports: Industries are increasingly being sued by consumers for data breaches, but the sector with the biggest litigation increase is healthcare, according to new findings from the law firm BakerHostetler. In fact, healthcare comprises 23% of lawsuits due to data breaches. The next highest after that is business and professional services at 17%,…
‘JekyllBot:5’ Vulnerabilities Allow Remote Hacking of Hospital Robots
Eduard Kovacs reports: Cybersecurity researchers specializing in healthcare IoT systems have discovered five serious vulnerabilities that can be exploited to remotely hack Aethon’s TUG autonomous mobile robots. The TUG robots are used by hundreds of hospitals in North America, Europe and Asia to transport goods, materials and clinical supplies. Their role is to give staff…
LockBit ransomware gang lurked in a U.S. gov network for months
Bill Toulas reports: A regional U.S. government agency compromised with LockBit ransomware had the threat actor in its network for at least five months before the payload was deployed, security researchers found. Logs retrieved from the compromised machines showed that two threat groups had compromised them and were engaged in reconnaissance and remote access operations….
RaidForums seized in Operation TOURNIQUET; forum’s administrator and two accomplices arrested
From Europol, today: The illegal marketplace ‘RaidForums’ has been shut down and its infrastructure seized as a result of Operation TOURNIQUET, a complex law enforcement effort coordinated by Europol to support independent investigations of the United States, United Kingdom, Sweden, Portugal, and Romania. The forum’s administrator and two of his accomplices have…