Gareth Corfield comments: UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are remarkably quiet about whether this would be a good thing. In the middle of last week the American authorities made waves after deleting web shells…
UK: University of Hertfordshire still hobbled by ransomware attack
Slightly more than one year after it managed to avoid an investigation by the ICO over its data protection practices, the University of Hertfordshire joined the ranks of the many educational institutions crippled by a ransomware attack. The attack reportedly occurred on April 14, and was reported on April 15. As of today, the university…
SK: State institution in Slovakia target of ransomware attacks
Irena Jenčová reports: The National Security Authority (NBÚ) registered a series of significant ransomware attacks on targets in Slovakia on Friday, that saw hackers request hundreds of thousands of euros for reopening the systems and restoring their full functionality. “At the moment, the National Security can confirm that these cyber-attacks have affected the information technology…
Geico admits fraudsters stole customers’ driver’s license numbers for months
Zack Whittaker reports: Geico, the second-largest auto insurer in the U.S., has fixed a security bug that let fraudsters steal customers’ driver’s license numbers from its website. In a data breach notice filed with the California attorney general’s office, Geico said information gathered from other sources was used to “obtain unauthorized access to your driver’s…
Avaddon starts dumping data from Malta’s Nationalist Party
Marco A. De Felice reports: The Avaddon ransomware group has managed to enter the IT structure of the Partit Nazzjonalista ( Nationalist Party of Malta). Last night the cybercriminals , after the non-payment of the ransom, decided to publish a first part of the exfiltrated documents on their website. Avaddon publishes a note claiming to be in possession of the…
Ransomware ‘bull’s eye’ grows, clouding telehealth’s rise in long-term care
Kimberly Mersalas reports: Even as COVID-19 and its emphasis on telehealth have opened providers to greater cybersecurity risks, insurance policies that offer potential protection are becoming more expensive, and in some cases, harder to get. Insurers are issuing 25% to 50% premium increases this year, reflecting a large number of ransomware payouts over the last…