Denny Jacob reports: Montrose Environmental Group Inc. said Tuesday that it determined it was the target of a ransomware attack over the weekend. The environmental services company said it believes the attack primarily affected computers and servers within its Enthalpy Analytical laboratory network based on currently available information. Montrose said fact patterns of the attack…
Central Florida Inpatient Medicine notifies 197,733 patients after employee email account compromised last year
Central Florida Inpatient Medicine (CFIM) is notifying 197,733 patients whose protected health information (PHI) was in an employee’s email account that was accessed by an unauthorized individual between August 21, 2021 and September 17, 2021. CFIM does not indicate when they first discovered that there had been a breach or how they first discovered it. …
TX: Guadalupe County investigating potential network breach
Dalondo Moultrie reports: A data security incident has Guadalupe County officials on high alert and working together and with outside agencies to determine risk factors for county employees and residents. County information technology leaders learned about the incident early Saturday and quickly moved the county into defense mode, County Judge Kyle Kutscher said. The county…
Illinois Man Sentenced to 2 Years in Federal Prison for Operating DDoS-for-Hire Services
There’s an update to the case of Matthew Gatrel, whose conviction was previously reported on this site in September 2021: LOS ANGELES – An Illinois man was sentenced today to 24 months in federal prison for running websites that allowed paying users to launch powerful distributed denial of service, or DDoS, attacks that flood targeted computers…
Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns
Stephen Pritchard reports: A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn. The technique involves using ‘reverse tunnel’ services and URL shorteners to launch large-scale phishing attacks. What’s more, the groups using these techniques leave no trace. Instead, threat actors…
New Canadian cybersecurity bill to require mandatory reporting of ransomware, other attacks
Jim Bronskill reports: Businesses and other private-sector organizations would be required to report ransomware incidents and other cyberattacks to the government under a federal bill to be tabled today. The legislation is intended to flesh out Liberal government efforts to protect critical infrastructure following last month’s announcement that Chinese vendors Huawei Technologies and ZTE will be banned from Canada’s…