Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) attacks were first spotted by the Microsoft Threat Intelligence team, and they notified Israeli software maker SysAid about them on November…
Personal information breached in data security incident, Butler County says
Sierra Rehm reports: Butler Couty is notifying the public of a data security incident where someone gained access to personally identifiable information. The county said federal authorities alerted them to suspicious activity on its computer network at the start of October. By the end of October, it determined there was unauthorized access to personally identifiable…
NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats
Hunton Andrews Kurth writes: On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation. The NYDFS, which regulates financial institutions including insurance companies, mortgage brokers and banks, adopted the…
Optum medical group in New York reports service disruption
Laura Dyrda Crystal Run Healthcare in Middletown, N.Y., told patients to expect longer wait times than usual amid a system interruption affecting some services, according to the medical group’s website. Mid Hudson News reported Nov. 3 that Crystal Run experienced a service disruption. “We are working diligently to resolve these issues,” the medical group wrote on its…
OFAC Sanctions Russian National Ekaterina Zhdanova for Using Cryptocurrency to Launder Money on Behalf of Russian Elites and Ransomware Groups
The Chainanalysis Team writes: On November 3, 2023, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russian national Ekaterina Zhdanova for using cryptocurrency to launder money on behalf of Russian elites, ransomware groups, and other bad actors. Below, we’ll explore the three Bitcoin addresses included in OFAC’s designation that she used…
Southwestern Ontario hospitals will rebuild network from scratch amid fallout from cyberattack; more data leaked
CBC reports: All five southwestern Ontario hospitals impacted by a cyberattack just over two weeks ago will rebuild their networks from scratch, the hospitals say in an update Wednesday. But the hospitals also say the investigation into precisely whose data was taken in the attack is expected to take months. “Through our investigation we know…