Issued Date: July 20, 2023 Agency/Authority: Homeland Security and Emergency Services, Division of Objective To assess the extent of implementation of the two recommendations included in our initial audit report, Cyber Incident Response Team (Report 2020-S-58). About the Program Cybercrimes continue to rise. According to the Federal Bureau of Investigation (FBI), complaints of phishing and similar cyberattacks often…
Category: Of Note
Monti Ransomware Unleashes a New Encryptor for Linux
Nathaniel Morales and Joshua Paul Ignacio report: … Following a two-month break from exposing victims on their leak site, the Monti ransomware group has resumed its malicious activities, this time targeting organizations within the legal and government sectors. Alongside this, a fresh Linux-based variant of Monti (Ransom.Linux.MONTI.THGOCBC) has emerged, displaying significant deviations from its other…
One year later, Tift Regional Medical Center notifies patients of Hive attack
In September 2022, DataBreaches broke the story of how Hive had attacked Tift Regional Medical Center in Georgia between July and August. The attack did not involve encryption of systems but Hive claimed to have exfiltrated about 1 TB of data, including files with protected health information. On October 14, Tift notified HHS of an…
Five arrested in Poland for running bulletproof hosting service for cybercrime gangs — Europol
This week, the Polish Central Cybercrime Bureau (Centralne Biuro Zwalczania Cyberprzestępczości) under the supervision of the Regional Prosecutor’s Office in Katowice (Prokuratura Regionalna w Katowicach) took action against LolekHosted.net, a bulletproof hosting service used by criminals to launch cyber-attacks across the world. Five of its administrators were arrested, and all of its servers seized, rendering…
CISA: Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report
Executive Summary Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, stole source code, demanded payments while rarely following up, lodged political messages in shadowy online forums, and swiftly moved on to…
HHS HC3: Multi-Factor Authentication & Smishing
HHS Health Center Cybersecurity Center (HC3) has published a new informational handout and guidance on multi-factor authentication (MFA) and smishing. It includes statistics and suggestions for dealing with common obstacles to implementation. Access the handout on HHS’s site (pdf).