A new listing on ransomedvc claims, “We have successfully breached the District of Columbia Board Of Elections and have gotten more than 600k lines of USA Voters.” The listing links to a sample consisting of one registered voter’s data. That listing included a number of fields with, but not limited to, VoterID, registration date, voter’s…
Parkers Chapel School District network hacked; FBI investigating
Caitlan Butler reports: The Parkers Chapel School District has been hacked, and federal law enforcement agencies, in partnership with the State of Arkansas, are currently investigating the matter. John Gross, PCSD superintendent, said the district learned about the hack last Thursday, Sept. 29. “There’s rumors they’ve been in there for months, but I don’t know…
INC Ransomware claims to have hit Federal Labor Relations Authority
On September 20, a relatively new ransomware gang called INC Ransomware added the Federal Labor Relations Authority to their leak site. As proof, they offered six images of files, two of which appear to contain personal information from cases or submissions involving care. In response to a request from this site, INC also provided DataBreaches…
Ransomware gang QakBot resurfaces after Feds’ botnet takedown
Simon Hendery reports: Evidence suggests the notorious Qakbot malware gang continued staging cyberattacks in August, even as authorities seized its‘ infrastructure and dismantled the formidable botnet it had built up over several years. Before the FBI-led operation that took down the botnet, QakBot (also known as “QBot,” “QuackBot” and “Pinkslipbot”) was the most common malware…
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Alert Code AA23-278A EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. Through NSA and CISA Red and Blue…
HC3: Monthly Cybersecurity Vulnerability Bulletin
October 05, 2023 TLP:CLEAR Report: 202310051200 September Vulnerabilities of Interest to the Health Sector In September 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches. Vulnerabilities for September…