Lindsey O’Donnell-Welch reports: A series of campaigns, with links to the threat actor behind the SolarWinds supply-chain intrusion, have been targeting cloud service providers with a new malware loader variant called CeeLoader. Researchers with Mandiant in a Monday analysis said they identified two distinct clusters of activity, UNC3004 and UNC2652, which they associate with UNC2452 (also known…
Category: Of Note
U.S. Military Has Acted Against Ransomware Groups, General Acknowledges
Julian E. Barnes reports: The U.S. military has taken actions against ransomware groups as part of its surge against organizations launching attacks against American companies, the nation’s top cyberwarrior said on Saturday, the first public acknowledgment of offensive measures against such organizations. […] General Nakasone would not describe the actions taken by his commands, nor…
U.S. State Department phones hacked with Israeli company spyware – sources
Christopher Bing and Joseph Menn report: Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter. The hacks, which took place in the last several months, hit U.S. officials either based…
Welcome surprise: threat actors give victim school district a free decryptor.
On November 23, DataBreaches.net reported that Avos Locker threat actors had added Beaverhead County High School in Montana to their leak site. At the time, this site reported: From their listing, Avos Locker is clearly aware that this is a tiny school district with only a few hundred students and less than two dozen teachers….
Former Ubiquiti employee charged with hacking and extorting company
Catalin Cimpanu reports: An Oregon man and a former employee of Ubiquiti Networks was arrested and charged today with hacking the company’s servers, stealing gigabytes of information, and then attempting to extort his employer for $2 million when Ubiquiti began investigating the breach. The suspect, arraigned in a courtroom earlier today, was identified as Nickolas Sharp,…
CarePartners agrees to settle proposed cyberattack class action for up to $3.4 million, but don’t party just yet
Bernise Carolino reports that there is a settlement in a lawsuit against CarePartners in Canada. The proposed class-action lawsuit stemmed from a breach in 2018 that DataBreaches.net investigated and covered on this site. The firms of Howie, Sacks & Henry LLP (HSH), Waddell Phillips PC and Schneider Law Firm represented the plaintiffs, Arthur Redublo and…