Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
Category: U.S.
Ca: Olympia House notifying patients about ransomware attack discovered in early August
On August 10, DataBreaches.net reported that Olympia House, an alcohol rehabilitation and drug treatment center in Petaluma, California had apparently been attacked by NetWalker ransomware threat actors but had not responded to an inquiry by this site. By November 9, Olympia House still had not posted any statement on their site or press release, and…
Company that Provides Travel Emergency Services Settles FTC Allegations it Failed to Secure Sensitive Consumer Data
It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…
OH: Firelands middle school online classes suspended following ‘Zoom bombing’ incident
Carissa Woytach reports: A Zoom meeting at a Firelands School building was hacked Monday, forcing the building to suspend live online classes. A seventh-grade online class from South Amherst Middle School was hacked, with a person posing as a student joining the meeting displaying pornography on their screen, according to emails sent to parents and…
Regulatory Crackdown on Ransomware
Seetha Ramachandran, Nolan Goldberg and Hena M. Vora of Proskauer write: It is increasingly common for Ransomware attacks to be associated with large sophisticated cyber-criminal organizations, with a central entity providing the tools, training, and ability to collect ransoms and sending its “associates” out to cause harm. As long as victims continue to pay ransoms, Ransomware…
Threat actors claim to have attacked City of Dade City, Florida
From the this-doesn’t-bode-well department: Avaddon threat actors claim to have attacked the City of Dade City, Florida. Although the city has not made any statement either denying or confirming any attack at the time of this posting, the attackers did post some screenshots of directories and files that seem consistent with their claims. The attackers…