Report: 202212121700 LockBit 3.0 Ransomware December 12, 2022 Executive Summary LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion…
Category: U.S.
FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked
Brian Krebs reports: InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly…
KS: Legislative Post Audit report identifies IT concerns at state agencies, school districts
Phil Anderson reports: A report from the Kansas Legislative Division of Post Audit that was released this week identified a number of information technology security concerns found over a three-year period at state agencies and school districts. The report was made public during a session on Monday at the Statehouse. According to the report, the…
IN: Munster student gained access to school network and student information
Carole Carlson reports: School Town of Munster parents learned recently a student gained access to an administrative file back in April and copied privacy information. Superintendent Bret Heller told parents it was discovered Oct. 26 after officials noticed an administrative file in an unexpected location. Through an investigation, officials found a student gained access and…
Most of the 10 largest healthcare data breaches in 2022 are tied to vendors
Jessica Davis reports: Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, much like in 2021. The fallout for many of these cyberattacks resulted in impacts for multiple connected providers, with two of these vendor incidents affecting hundreds of providers. These incidents should serve as a warning to…
Uber suffers new data breach after attack on vendor, info leaked online
Lawrence Abrams reports: Early Saturday morning, a threat actor named ‘UberLeaks’ began leaking data they claimed was stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches. The leaked data includes numerous archives claiming to be source code associated with mobile device management platforms (MDM) used by Uber and Uber Eats…