Nobelium launched the attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft. Guardian staff and agencies report: The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted phishing assault on US and foreign government agencies and thinktanks this…
Category: Phishing
Philly data breach that impacted health employee emails also hit other departments
Emily Scott reports: The City of Philadelphia has released an update on an investigation into a data breach that left some employee email accounts accessible to unauthorized individuals. The incident, initially identified in March 2020, was the result of an employee’s email account that was exposed due to a phishing attack. The breach impacted people receiving services…
Some incidents reported in France this week
Some incidents that were reported in France this week: The University of Franche-Comté reported what L’Est Républicain described as a major attack n May 14. Some users received emails with malicious attachments. There does not seem to be any follow-up or notice on the university’s page, so it’s not clear how major this really was…
UK: Edinburgh mental health clinic in probe after client information accessed in scam
James Delaney reports: An Edinburgh mental health clinic is at the centre of a probe into a data breach resulting in hundreds of client contact details being accessed as part of a phishing scam. Bosses at The Edinburgh Practice, which offers a range of psychological and psychiatric counselling, were accused of failing to properly notify patients of the…
Worldwide phishing attacks deliver three new malware strains
Sergiu Gatlan reports: A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures. The attacks hit at least 50 orgs from a wide variety of industries in two waves, on December 2nd and between December 11th and 18th, according to a Mandiant report published today. UNC2529,…
AU: Service NSW kept victims in dark after hackers stole personal data
Jess Malcolm reports: The NSW government has deliberately failed to inform tens of thousands of people that their personal information was stolen in a cyber security attack on Service NSW employee emails, as the agency says it has no obligation to notify affected customers. Documents obtained by The Australian show Service NSW decided not to…