Florida Healthy Kids is a state-created entity that provides health and dental insurance for Florida children aged 5-18. On Friday, they joined the unhappy ranks of those affected by the MOVEit breach that has affected more than 600 organizations already. In this case, it was their vendor, Maximus, who issued the notification. The number of…
CISA: Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report
Executive Summary Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, stole source code, demanded payments while rarely following up, lodged political messages in shadowy online forums, and swiftly moved on to…
HHS HC3: Multi-Factor Authentication & Smishing
HHS Health Center Cybersecurity Center (HC3) has published a new informational handout and guidance on multi-factor authentication (MFA) and smishing. It includes statistics and suggestions for dealing with common obstacles to implementation. Access the handout on HHS’s site (pdf).
Nearly 1.5 million affected by data breach at Alberta Dental Service Corporation
CBC reports: A significant data breach has compromised the personal information of about 1.47 million Albertans, the Alberta Dental Service Corporation said Thursday. In a statement, ADSC said certain data from public dental benefits programs it administers for the provincial government was implicated in a recent cybersecurity breach. ADSC learned it was the victim of…
CT: New Haven Board of Education victim of $6 million cyber theft
Doug Stewart reports: The city of New Haven suffered a $6 million theft in a cyber attack earlier this year it was announced Thursday. To date, law enforcement officials have recovered over half the money. Officials said the cyber attack targeted the Board of Education’s Chief Executive Officer and Chief Operating Officer in what was described…
Notorious phishing platform shut down, arrests in international police operation
From Interpol, this week: SINGAPORE – A notorious ‘phishing-as-a-service’ (PaaS) platform known as ‘16shop’ has been shut down in a global investigation coordinated by INTERPOL, with Indonesian authorities arresting its operator and one of its facilitators, with another arrested in Japan. The three arrests, which concluded with actions against a suspect last month, was made…