DataBreaches.net has noted some reports this week involving an unnamed business associate that discovered a phishing attack in January of this year. The most recent disclosure was spotted on the website of South Texas Health System for its South Texas Health System – Edinburg facility. The May notice can be read at and reads, in…
Attempted cyber attack responsible for 3-week Newport News library computer outage
Josh Janney reports: A failed cybersecurity attack is responsible for Newport News Public Library branch computers being out of operation the past three weeks. Public computers and printing, faxing and scan-to-email services have all been unavailable since April 25. Library patrons who tried to use public computers at library branches were greeted with signs taped over the…
KeePass exploit helps retrieve cleartext master password, fix coming soon
Bill Toulas reports: The popular KeePass password manager is vulnerable to extracting the master password from the application’s memory, allowing attackers who compromise a device to retrieve the password even with the database is locked. The issue was discovered by a security researcher known as ‘vdohney,’ who published a proof-of-concept tool allowing attackers to extract the KeePass…
Microsoft Azure VMs Hijacked in Cloud Cyberattack
Elizabeth Montalbano reports: A threat actor known for targeting Microsoft cloud environments now is employing the serial console feature on Azure virtual machines (VMs) to hijack the VM to install third-party remote management software within clients’ cloud environments. Tracked as UNC3844 by researchers at Mandiant Intelligence, the threat group is leveraging this attack method to…
A different kind of ransomware demand: Donate to charity to get your data back
A.J. Vicens reports: A new and increasingly active ransomware group that’s attacked nearly 200 organizations in less than two months has a different spin on its extortion efforts: Don’t pay us, pay a charity. So far, this unnamed group that is at least publicly claiming to be driven by anti-capitalist sentiment and its own brand…
‘Fraud is fun’: Teen hacker charged with breaking into DraftKings accounts leading to theft of $600,000
Lukas I. Alpert reports: A boastful teenage hacker has been charged with orchestrating a break-in to the sports betting website DraftKings, which led to $600,000 being drained from hundreds of customer accounts. Joseph Garrison, 18, of Madison, Wis., is accused of using stolen log-in and password combinations he bought on the dark web to hack…