From Intel471: Since its release in 2012, Cobalt Strike has been one of the most popular tools for penetration testers to use when simulating how known threat actor tools will look when targeting an organization’s network. However, there is a downside to that popularity: the criminals love it, too. And if they are using it,…
City pays $350,000 after suing “hackers” for opening Dropbox link it sent them
When is a “hack” not a “hack?” When a government entity mistakenly gives journalists access to files that just maybe, they didn’t intend to give them access to….. Tim De Chant reports: The city of Fullerton, California, has agreed to pay $350,000 to settle a lawsuit it brought against two bloggers it accused of hacking the city’s…
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
Phil Muncaster reports: Tens of thousands of jobseekers have had their personal information exposed by a misconfigured cloud account, according to researchers. A team at Website Planet discovered the AWS S3 bucket left unprotected and unsecured by FastTrack Reflex Recruitment, now TeamBMS. The firm apparently specializes in recruitment for the building management systems sector, for projects including skyscrapers…
The Full Story of the Stunning RSA Hack Can Finally Be Told
Andy Greenberg reports: AMID ALL THE sleepless hours that Todd Leetham spent hunting ghosts inside his company’s network in early 2011, the experience that sticks with him most vividly all these years later is the moment he caught up with them. Or almost did. It was a spring evening, he says, three days—maybe four, time had…
Colonial Pipeline confirms it paid $4.4 million to hackers
Cathy Bussewitz of AP reports: The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything…
Cyber attack has caused ‘enormous risk’ – HSE official
RTÉ reports: The Health Service Executive’s National Clinical Adviser for Acute Operations has said there is an “enormous risk” across health services following the cyber attack last week which forced a shutdown of the HSE’s IT systems. Speaking on RTÉ’s Morning Ireland, Dr Vida Hamilton said it is a “major disaster” and described it as…