WBRC reports: St. Clair County Commission Chairman Paul Manning said the county is a victim of a cyberattack, but no data has left the system. Manning said on September 21, 2020, around 7:00 p.m., St. Clair County was the target of the cyberattack. The county immediately began taking actions to mitigate and remediate any hardware…
Big Game Hunting: Now in Russia
Rustam Mirkasymov and Oleg Skulkin of Group-IB write: The email raised no suspicions. An employee of a Russian medical company boldly clicked on the link and downloaded the attached ZIP archive. The message with the subject “Bill due” looked like it had been sent by the Finance Department of a large Russian media holding, the…
Shopify says two ‘rogue’ employees involved in data breach to obtain customer records
The Canadian Press reports: Shopify Inc. is working with the FBI after two “rogue members” of its support team engaged in a scheme to illegitimately obtain customer transactional records of some merchants. The Ottawa-based tech firm says it terminated the employees’ access to its network and referred the data breach to law enforcement. Read more…
A bit more on Nathan Wyatt’s sentencing and what happens next
Because I had no idea how some things work when a convicted defendant is a foreign national who is supposed to pay restitution, and because I found some elements of Nathan Wyatt’s sentence confusing, I followed up with the U.S. Department of Justice on his sentence (see my previous post about his guilty plea and…
International Sting Against Dark Web Vendors Leads to 179 Arrests — Europol
A major press release from Europol today: Today, a coalition of law enforcement agencies across the world announced the results of a coordinated operation known as DisrupTor which targeted vendors and buyers of illicit goods on the dark web. This operation follows the takedown in May of last year of Wall Street Market, the world’s then…
US cybersecurity agency issues super-rare emergency directive to patch Windows Server flaw ASAP
Robbie Harb reports: Uncle Sam’s Cybersecurity and Infrastructure Security Agency (CISA) has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch. The directive, issued on September 18, demanded that executive agencies to take “immediate and emergency action” to patch CVE-2020-1472, the CVSS-perfect-ten-rated…