One of the leaders of the Infraud Organization pleaded guilty today to RICO conspiracy. Infraud was an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. Assistant Attorney General Brian A. Benczkowski of…
UCSF admits it paid NetWalker more than $1 million ransom
On June 4, this site noted that NetWalker ransomware operators had added the University of California at San Francisco (UCSF) to their website where they name victims who have not paid their ransom demands. I did not expect the university to pay, commenting, at the time, “I wonder if the threat actors know how many…
8 U.S. City Websites Targeted in Magecart Attacks
Lindsey O’Donnell reports: Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident Researchers are warning that the websites of eight U.S. cities – across three states – have been compromised with payment card-stealing Magecart skimmers. The websites all utilize Click2Gov municipality payment software, which was previously…
Magellan ransomware attack impacted multiple subsidiaries and affiliates (UPDATE 2)
On May 12, DataBreaches.net reported that Magellan Health was notifying an unspecified number of individuals as a result of a ransomware attack. At the time they wrote their notification letter, Magellan stated that investigators had found that a subset of data had been exfiltrated from a single corporate server. As explained in their first notification…
New Charges, Sentencing in Satori IoT Botnet Conspiracy
Brian Krebs reports: The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced today to drug…
Jamesville-DeWitt High School student email list breached; explicit messages sent
Elizabeth Doran reports: DeWitt, N.Y. — The Jamesville-DeWitt High School email listserv was breached, and three “explicit” messages were sent to students, according to a notification the district sent to families. The messages were each one line, and contained vulgar language directed at school administrators, according to copies obtained by syracuse.com | The Post-Standard. They were all…