TLP:CLEAR Product ID: AA23-320A November 16, 2023 SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through…
Category: Of Note
AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)
Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily removed to be updated, but DataBreaches has learned some additional details from someone involved in the attack. The attack was last Tuesday, November 7….
FBI knows identities of some U.S. members of “Scattered Spider,” but no arrests so far?
Zeba Siddiqui, Christopher Bing, and Raphael Satter report: The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that’s been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims. For more than six months, the FBI has known the identities of…
The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story
A snippet from another great read by WIRED: After a typical sleepless night at his keyboard, 19-year-old Josiah White sat staring at the three flatscreen monitors he’d set up on a workbench in a messy basement storage area connected to the bedroom he shared with his brother in their parents’ house. He was surrounded by…
Denmark Hit With Largest Cyberattack on Record
Chris Riotta reports: Hackers potentially linked to the Russian GRU Main Intelligence Directorate carried out a series of highly coordinated cyberattacks targeting Danish critical infrastructure in the nation’s largest cyber incident on record, according to a new report. SektorCERT, a nonprofit cybersecurity center for critical sectors in Denmark, reported that attackers gained access to the…
New York Plans Cyber Rules for Hospitals
James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such…