It’s been a rough year for municipalities, and it’s only likely to get worse. While we read more and more reports of school districts becoming victims of ransomware attacks that delayed school openings or caused school closings, we have also read numerous reports of municipal police and law enforcement sites being defaced, and other municipal…
Category: Of Note
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
Symantec reports: A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. The group, which we are calling Tortoiseshell, has been active since at least July 2018. Symantec…
Former Brownsville fire chief found not guilty on security breach charges
Martha Ibarra reports an update to a case previously reported on this site: Carlos Elizondo, Brownsville’s former fire chief, has been found not guilty on six counts of computer security breach. In October of 2017, Carlos Elizondo was suspended after he was accused of assessing the emergency reporting system for Brownsville fire without consent. Read…
Arrest made in Ecuador’s massive data breach
How many times have you wanted to see someone charged criminally for negligence or leaving data exposed? Well, here you go…. Catalin Cimpanu reports: Ecuadorian authorities have arrested the executive of a data analytics firm after his company left the personal records of most of Ecuador’s population exposed online on an internet server. The arrest…
Gootkit malware crew left their database exposed online without a password
Catalin Cimpanu reports: The criminal gang behind the Gootkit malware has made the same mistake that thousands of legitimate companies have made before them in the past years — they left MongoDB databases connected to the internet without a password. The leak allowed security researcher Bob Diachenko to download all group’s data and gain an…
The New Target That Enables Ransomware Hackers to Paralyze Dozens of Towns and Businesses at Once
Renee Dudley of ProPublica reports: On July 3, employees at Arbor Dental in Longview, Washington, noticed glitches in their computers and couldn’t view X-rays. Arbor was one of dozens of dental clinics in Oregon and Washington stymied by a ransomware attack that disrupted their business and blocked access to patients’ records. But the hackers didn’t…