Stuff reports: Waikato District Health Board has succeeded in court action to stop Radio New Zealand using data taken in a cyber-attack. In a decision released on Wednesday, the health board has won an interim injunction through the High Court restraining Radio NZ from accessing stolen data without consent and to permanently delete that data…
Category: Of Note
U.S. medical entities fall prey to Pysa threat actors, but many haven’t disclosed it – at least, not yet.
—– A DataBreaches.net report by Dissent and Chum1ng0 —– Since 2018, threat actors known as “Pysa” (for “Protect Your System Amigo”) have used mespinoza ransomware to lock up victims’ files after exfiltrating a copy of them. In early 2020, alerts about these “big-game hunters” were published by both the FBI and CNIL . Since then,…
Decryptor released for Prometheus ransomware victims
Catalin Cimpanu reports: Taiwanese security firm CyCraft has released a free application that can help victims of the Prometheus ransomware recover and decrypt some of their files. Available on GitHub, the decryptor effectively works by brute-forcing the encryption key used to lock the victim’s data. Read more on The Record.
Fr: Former police officer convicted of selling confidential information on the dark web
Marco A. De Felice reports: Christophe Boutry, a former DGSI ( Direction Générale de la Sécurité Intérieure ) agent, was sentenced to 7 years in prison (with a two-year suspension) for selling confidential information from law enforcement databases on the darkweb. Documents stolen from police archives include fake marriage permits and certificates and sensitive information on the Marseille…
DOJ says SolarWinds hack impacted 27 state attorneys’ offices
Catalin Cimpanu reports: The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon. Read more on…
Feds list the top 30 most exploited vulnerabilities. Many are years old
Dan Goodin reports: Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure Security Agency), the Australian Cyber Security Center,…