The Office of Inadequate Security
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…
Coinpaper reports: Radiant Capital paused its lending markets after a cybersecurity breach that resulted in losses of more than $50 million on both the BNB Chain and Arbitrum networks. According to Web3 cybersecurity firm De.Fi Antivirus, the exploit was linked to the “transferFrom” function in Radiant Capital’s smart contracts, which allowed the attacker to drain funds…
From CISA, Alert Code: AA24-290A Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders…
TV Globo reports (machine translation) that a 33-year-old Brazilian hacker suspected of invading the systems of the Brazilian federal police and other international institutions has been arrested. The hacker, known as “USDoD” was arrested this morning in Belo Horizonte (MG), less than two months after he was doxed by Crowdstrike. The public doxing of him…
Sydney J. Freedberg Jr. reports: AUSA 2024 — Army undersecretary Gabe Camarillo announced here Tuesday that the service would create a secure online enclave where small businesses can work with sensitive information under the Army’s protection — a potential lifeline for smaller firms struggling to meet Pentagon cybersecurity requirements and defend themselves against high-end threats like China. Known as…
Here’s today’s reminder that it’s not just HHS OCR that entities need to be concerned about in terms of enforcement of data security requirements for health data. ASRC Federal Data Solutions LLC (AFDS), headquartered in Reston, Virginia, has agreed to resolve False Claims Act allegations in connection with a government contract related to its storage…