Some incidents that were reported in France this week: The University of Franche-Comté reported what L’Est Républicain described as a major attack n May 14. Some users received emails with malicious attachments. There does not seem to be any follow-up or notice on the university’s page, so it’s not clear how major this really was…
Category: Phishing
UK: Edinburgh mental health clinic in probe after client information accessed in scam
James Delaney reports: An Edinburgh mental health clinic is at the centre of a probe into a data breach resulting in hundreds of client contact details being accessed as part of a phishing scam. Bosses at The Edinburgh Practice, which offers a range of psychological and psychiatric counselling, were accused of failing to properly notify patients of the…
Worldwide phishing attacks deliver three new malware strains
Sergiu Gatlan reports: A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures. The attacks hit at least 50 orgs from a wide variety of industries in two waves, on December 2nd and between December 11th and 18th, according to a Mandiant report published today. UNC2529,…
AU: Service NSW kept victims in dark after hackers stole personal data
Jess Malcolm reports: The NSW government has deliberately failed to inform tens of thousands of people that their personal information was stolen in a cyber security attack on Service NSW employee emails, as the agency says it has no obligation to notify affected customers. Documents obtained by The Australian show Service NSW decided not to…
High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards
Seattle – The first high-level manager of the notorious hacking group FIN7 was sentenced today in U.S. District Court in Seattle to ten years in prison, announced Acting U.S. Attorney Tessa A. Gorman. Fedir Hladyr, 35, a Ukranian national, served as a high-level manager and systems administrator for FIN7. He was arrested in Dresden, Germany,…
Celsius email system breach leads to phishing attack on customers
Lawrence Abrams reports: Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack. Today, Celsius CEO Alex Mashinsky stated that Celsius’ third-party marketing server was compromised, and threat actors gained access to a partial Celsius customer list. Read more on BleepingComputer.