NewsHub reports: The company said in a statement there was not yet evidence of personal health data being compromised but it could not be ruled out. “Our IT provider is working with their own forensic experts and Government agencies to understand the nature and extent of the impact. We have also notified the relevant regulatory authorities including…
#StopRansomware: Cuba Ransomware
Joint Cybersecurity Advisory Product ID: AA22-335A December 1, 2022 TLP:CLEAR The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Cuba ransomware IOCs and TTPs associated with Cuba ransomware actors identified through FBI investigations, third-party reporting, and open-source reporting. This advisory updates the…
Brazilian debt collection firm pays Hive $500k ransom while SuspectFile spectates it all
Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…
Albanian IT Staff Charged With Negligence Over Cyberattack
AP reports: Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers. Prosecutors said the five IT officials of the public administration department had failed to check the security of the system and update it with the most recent…
Vanuatu officials turn to phone books and typewriters, one month after cyber attack
At the end of October, the tiny South Pacific archipelago of Vanuatu was hit by a cyberattack with devastating consequences. They officially acknowledged the incident as an attack on November 5. Now, almost a month later, they are still struggling to recover. Christopher Cottrell reports: One month after a cyber-attack brought down government servers and…
Hackers are locking out Mars Stealer operators from their own servers
Zack Whittaker reports: A security research and hacking startup says it has found a coding flaw that allows it to lock out operators of the Mars Stealer malware from their own servers and release their victims. Mars Stealer is data-stealing malware as a service, allowing cybercriminals to rent access to the infrastructure to launch their…