Dear 0x00sec Users, We are writing to you with important information regarding a recent security incident involving your personal information from https://0x00sec.org 12. We became aware of the incident September 7th, 2020, when a security researcher from Thug Crowd privately disclosed to us that our S3 bucket containing database backups was publicly accessible. The S3 bucket was…
Clinical Trials Hit by Ransomware Attack on Health Tech Firm
Nicole Perlroth reports: A Philadelphia company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks. The attack on eResearchTechnology Inc., which has not…
Attacks Aimed at Disrupting the Trickbot Botnet
Brian Krebs reports: Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. On Sept….
FL: Students and employees notified of Gulf Coast State College data breach
Gretchen Kernbach reports: Some Gulf Coast State College students and employees received a letter from school officials, dated Sept. 28, about a data breach that took place back between March 31, 2020 and June 3, 2020. The letter said officials learned a hacker accessed several employees’ email accounts. It also states the school launched its…
Two North American hospitality merchants hacked in May and June
Catalin CImpanu reports: In a security alert published on Thursday, US payments processor Visa revealed that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year. […] Visa published on Thursday a security alert [PDF] with a description of the two security breaches and the malware…
New Jersey hospital paid ransomware gang $670K to prevent data leak
Lawrence Abrams reports: University Hospital New Jersey in Newark, New Jersey, paid a $670,000 ransomware demand this month to prevent the publishing of 240 GB of stolen data, including patient info. The attack on the hospital occurred in early September by a ransomware operation known as SunCrypt, who infiltrates a network, steals unencrypted files, and then…