The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Pierluigi Paganini reports: Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within a target’s network, bypassing Endpoint Detection…
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024
Another plastic surgery practice has revealed that it was the victim of a cyberattack with an extortion demand. SSK Plastic Surgery in California recently notified the California Attorney General’s Office of an incident. The state’s website indicates that SSK Plastic Surgery reported that the breach occurred on March 20, 2024 and was discovered or ended…
Extensive US public school employee data compromise reported from Carruth Compliance Consulting breach
SC Media reports: Oregon-based third-party retirement plan administrator Carruth Compliance Consulting had information from more than 40,000 public school teachers and employees in California, Illinois, New York, Oregon, and Pennsylvania exfiltrated following a December attack by the newly emergent Skira Team hacking group, which purported the theft of data from 36 public schools across the…
White House cyber director’s office set for more power under Trump, experts say
Suzanne Smalley reports: The Office of the National Cyber Director (ONCD) is poised to become a stronger force in the second Trump administration and will finally operate as the executive branch cybersecurity policy lead that Congress envisioned when establishing it in 2021, experts say. President Donald Trump’s selection of Sean Cairncross to lead the office signals that…
Hackers expose information for 700,000 current and former Chicago students, district says
Mila Koumpilova reports an update to the Clop attack on entities using the Cleo file transfer software. In a ransomware attack last year, Russian hackers stole private information for more than 700,000 current and former Chicago Public Schools students and put it on the dark web, district officials said Friday. According to the district, the…
Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data
There’s an update to an indictment announced by the DOJ in April 2021. In today’s reminder of the insider threat, DOJ announced: A federal jury in Cleveland convicted a Texas man today for writing and deploying malicious code on his former employer’s network. According to court documents and evidence presented at trial, Davis Lu, 55,…