Steve Zurier reports: Aqua Security on Tuesday reported that at least 60% of the Kubernetes clusters they researched were breached and had an active campaign with deployed malware and backdoors. In a release Aug. 8, Aqua Nautilus researchers explained that the exposures were caused by two misconfigurations, which emphasized how known and unknown misconfigurations are…
Outrage at massive police data breach that saw the personal details of more than 10,000 PSNI officers and staff accidentally published online
Daisy Graham-Brown reports: Police in Northern Ireland have been involved in a data breach ‘of monumental proportions’ affecting thousands of officers and civilian staff. The major breach reportedly involves names, ranks and other personal data from employees of the Police Service of Northern Ireland (PSNI), but does not involve the officers’ and civilians’ private addresses, it is…
Oregon Sports Medicine allegedly hit by 8Base threat actors
Oregon Sports Medicine was added to 8Base’s leak site today. No files or filetree was offered as any proof of claims, but the threat actors claim that they acquired: Invoice Receipts Accounting documents Personal data Certificates Employment contracts A huge amount of confidential information Confidentiality agreements Personal files of patients Another The listing indicates that…
Il: Cyberattack shuts down Bnei Brak hospital’s computers
JNS reports: Mayanei Hayeshua Medical Center in Bnei Brak was hit by a cyberattack on Monday night, Israel’s Health Ministry announced on Tuesday morning. The hospital’s administrative computers were shut down in what was described as a ransomware attack. The ultra-Orthodox hospital, located east of Tel Aviv, said medical equipment was not affected by the…
HC3: Sector Alert: Rhysida Ransomware
August 4, 2023 TLP:CLEAR Report: 202308041500 Executive Summary Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads. The group threatens to publicly distribute the exfiltrated data if the ransom is not…
Jefferson County Health Center notifies patients about May cyberattack
On or about July 7, Karakurt threat actors added Jefferson County Health Center in Iowa to their leak site to pressure them to pay ransom demands. Or was it Jefferson County Hospital in Oklahoma that they had hit? Right below their heading claiming it was the Iowa facility, their text indicated it was the similarly…