Sergiu Gatlan reports: Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. The company disclosed the attack in an 8-K report filed with the Securities and Exchange Commission (SEC) on Monday. Navistar says…
The blurry boundaries between nation-state actors and the cybercrime underground
Intel471 writes: When it comes to attributing malicious cyber activity, there are two buckets by which actors generally fall in: “financially-motivated” or “nation-state.” The former is ultimately interested in money, while the latter is more concerned with obtaining or exploiting sensitive information to gain an advantage over a government or commercial entity. For the past…
Exchange Servers Targeted by ‘Epsilon Red’ Malware
Elizabeth Montalbano reports: REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to…
Au: Victoria’s child protection department misled watchdogs after sex offender Alex Jones CRISSP data breach
Josie Taylor and ABC Investigations’ Sarah Curnow report: Victorian child protection authorities misled the state’s privacy watchdog during an investigation of a data breach involving a sex offender and dozens of vulnerable children, telling the Office of the Victorian Information Commissioner it had contacted all affected children when it had not. The state’s commissioner for…
De: Pearl takes online shop offline after cyberattack
Pearl is a German mail-order company that sells electronics and computers, cameras, clothing, jewelry, and games. Now, it’s a mail-order company without an online shop. Spiegel reports (translation): On June 5, 2021, the IT systems of Pearl GmbH were attacked by hackers who had access to servers and virtual machines,” writes the company from Buggingen…
Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside
WASHINGTON – The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The…