Yesterday, Graham Cluley wrote: UK Prime Minister Boris Johnson announced on Twitter this afternoon that he was chairing the first ever digital Cabinet, while he self-isolated himself at Downing Street after revealing he was suffering “mild symptoms” of Coronavirus. Johnson included in the tweet a screenshot of his desktop, showing there were 35 participants on the Zoom…
Marriott data breach exposes personal data of 5.2 million guests
Keumars Afifi-Sabet reports: Marriott has informed 5.2 million guests that their personal details were inappropriately accessed in a possible data breach. Contacts details, loyalty account information, company, gender, birthday, partnerships and affiliations and room preferences were among guests’ details accessed between mid-January and February 2020. Read more on ITPro.
REvil Ransomware-as-a-Service – An analysis of a ransomware affiliate operation
From Intel471’s Malware Intelligence Team: REvil aka Sodinokibi, Sodin is a ransomware family operated as a ransomware-as-a-service (RaaS). Deployments of REvil first were observed in April 2019, where attackers leveraged a vulnerability in Oracle WebLogic servers tracked as CVE-2019-2725. REvil is highly configurable and allows operators to customize the way it behaves on the infected…
Missouri law firm sued by insurer for not disclosing 2016 hack by thedarkoverlord
For the past few years, this site has covered litigation against Athens Orthopedic Clinic in Georgia related to their hack by thedarkoverlord in 2016. The lawsuit against the clinic, filed by a patient, made it all the way to the Georgia Supreme Court on the issue of whether under Georgia state law, the plaintiff had…
Kwampirs Malware Employed in Ongoing Cyber Supply Chain Campaign Targeting Global Industries, including Healthcare Sector
The summary from Private Industry Notification #20200330 by the FBI, issued March 30: Since at least 2016, the FBI has observed an Advanced Persistent Threat (APT) actor conduct a global network exploitation campaign using the Kwampirs Remote Access Trojan (RAT) and is providing additional, non-technical information in an effort to highlight key objectives of the…
Campaign Gaffe: How a Voter Contact App Exposed Credentials and Code
UpGuard reports: UpGuard can now disclose that a code repository including exposed access credentials for Campaign Sidekick, a current voter contact, survey, and canvassing app used by Republican campaigns, has been secured. The code repository was within a “.git” directory which was configured for public access and hosted on Campaign Sidekick’s primary website. The directory contained…