On August 30, HHS added Queen Creek Medical Center d/b/a Desert Wells Family Medicine in Arizona to its public breach tool. The entity had reported that 35,000 patients were impacted by a breach involving a hack of the network. We now have more details on that incident available thanks to a public disclosure of their…
Category: Of Note
New .avos2 variant: AvosLocker affiliate extorts $ 85k from victim thanks to old vulnerability in FortiGate VPN
Marco A. De Felice reports: An affiliate of the AvosLocker ransomware group extorts $ 85,000 in bitcoin from a company thanks to a known vulnerability in FortiGate VPN ( CVE-2018-13379 ). A vulnerability that the American multinational had corrected THANKS TO AN UPDATE released IN NOVEMBER 2019 . Those who have not updated their systems are a small company that…
Hackers leak passwords for 500,000 Fortinet VPN accounts
Lawrence Abrams reports: A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. Read more on BleepingComputer.
United Nations’ Computers Breached by Hackers Earlier This Year – Resecurity
William Turton and Kartikay Mehrotra of Bloommberg report: Hackers breached the United Nations’ computer networks earlier this year and made off with a trove of data that could be used to target agencies within the intergovernmental organization. The hackers’ method for gaining access to the UN network appears to be unsophisticated: They likely got in…
Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website
Tampa, Florida – Acting United States Attorney Karin Hoppmann announces the extradition of Glib Oleksandr Ivanov-Tolpintsev (28, Chernivtsi, Ukraine) in connection with charges of conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords. If convicted on all counts, he faces a maximum penalty of 17 years in federal prison. The indictment also notifies…
Elon Musk’s top-secret ‘full self-driving’ AI car software leaked to hackers
Claran Daly reports: The software which enables certain Tesla cars to autonomously drive themselves has been leaked, enabling hackers outside of the USA to hit the streets hands-free. The software usually costs up to $10,000. Read more on The Daily Star. Does anyone else find this leak frightening?