For those who would like a timely reminder about making sure you terminate access and take control of devices immediately when an employee or contractor terminates employment, consider this press release from the Southern District of New York on May 1. Damian Williams, the United States Attorney for the Southern District of New York, announced…
Conservative News Websites Hacked, Replaced With Page Leaking Private Information
Charlie Nash reports: Two conservative news websites – Human Events and The Post Millennial – were hacked on Thursday evening and replaced with a page leaking private information. Both websites were taken down by unnamed hackers and replaced with a fake coming out letter purported to be written by Post Millennial senior editor Andy Ngo. […] At the…
Au: Man arrested as one million club patrons are caught in data breach
Anna McGuinness and Carla Mascarenhas report: NSW Police arrested a man in Fairfield West on May 2 in connection with an alleged data breach that potentially caught out one million club patrons. Police said a 46-year-old man was taken to Fairfield Police Station where he was expected to be charged with blackmail. […] The data…
Russian Hackers Target Industrial Systems in North America, Europe
Eduard Kovacs reports: Government agencies from the United States, Canada and the United Kingdom are providing recommendations to critical infrastructure organizations following a series of attacks launched by apparent pro-Russia hacktivists against industrial control systems (ICS) and other operational technology (OT) systems. A fact sheet authored by the cybersecurity agency CISA and its partners reveals that hacktivist…
Sodinokibi/REvil Affiliate Yaroslav Vasinskyi Sentenced for Role in $700M Ransomware Scheme
May 1 – A Ukrainian national was sentenced today to 13 years and seven months in prison and ordered to pay over $16 million in restitution for his role in conducting over 2,500 ransomware attacks and demanding over $700 million in ransom payments. “As this sentencing shows, the Justice Department is working with our international…
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
Zack Whittaker reports: The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG). UnitedHealth CEO Andrew Witty provided the written testimony ahead of a…