Here’s today’s reminder not to waste your money paying criminals to delete data. After PowerSchool became aware of a hack in December 2024, they paid the then-unnamed attacker(s) to delete data. They subsequently informed their affected clients that they had observed the data deletion and believed that the data had been deleted, and that there…
Category: Of Note
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
From Mandiant: UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and data theft extortion in early 2023, they…
Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains
The following is a press release from Europol: In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide. The suspects are believed to be behind six separate stresser/booter services that…
Raytheon Companies and Nightwing Group to Pay $8.4M to Resolve False Claims Act Allegations Relating to Non-Compliance with Cybersecurity Requirements in Federal Contracts
Raytheon Company (Raytheon), RTX Corporation, and Nightwing Group LLC, and Nightwing Intelligence Solutions LLC (collectively, Nightwing), have agreed to pay $8.4 million to resolve allegations that Raytheon violated the False Claims Act by failing to comply with cybersecurity requirements in contracts or subcontracts involving the Department of Defense (DoD). Raytheon is a subsidiary of Arlington,…
45 CHS hospitals were affected by the Oracle Health outage
This is reportedly all resolved by now, but on April 25, Becker’s Hospital Review reported that dozens of hospitals affiliated with Franklin, Tenn.-based Community Health Systems were experiencing IT outages after data storage linked to their Oracle Health EHRs was accidentally deleted: The hospitals have reverted to paper for patient records, with the issue expected…
EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone
DataBreaches has signed the letter, too, and encourages others to sign it. The administration’s attempts to censor honest reporting just because it disagrees with their political agenda and revenge campaign must stop. April 28 – SAN FRANCISCO – The Trump Administration must cease its politically motivated investigation of former U.S. Cybersecurity and Infrastructure Security Agency…