Bill Toulas reports: Threat analysts report that the Russian state-sponsored threat group known as Gamaredon (a.k.a. Armageddon/Shuckworm) is launching attacks against targets in Ukraine using new variants of the custom Pteredo backdoor. Gamaredon has been launching cyber-espionage campaigns targeting the Ukrainian government and other critical entities since at least 2014. Read more at BleepingComputer.
Ca: Arnprior Regional Health determines Arnprior and District Family Health Team data caught up in IT system breach
The following is a somewhat confusing, and seemingly self-contradicting press release. DataBreaches.net has sent an email inquiry to ADFHT seeking clarification of what they mean by saying that although the investigation is ongoing, they have concluded that the personal health information in its electronic medical record was not compromised. What does “compromised” mean to them?…
Web scraping is legal, US appeals court reaffirms
Zack Whittaker reports: Good news for archivists, academics, researchers and journalists: Scraping publicly accessible data is legal, according to a U.S. appeals court ruling. The landmark ruling by the U.S. Ninth Circuit of Appeals is the latest in a long-running legal battle brougcht by LinkedIn aimed at stopping a rival company from web scraping personal…
Journalist detained after claiming Turkey’s e-government system was hacked
Bianet reports: The Ministry of Interior filed a complaint against İbrahim Haskoloğlu, a journalist who shared ID cards allegedly belonging to President Recep Tayyip Erdoğan and National Intelligence Organization (MİT) Chair Hakan Fidan on Twitter. After the complaint, the İstanbul Chief Public Prosecutor’s Office launched an investigation against the journalist for “illegally obtaining personal information.”…
Joint Cybersecurity Advisory: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
From the Summary: The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020….
Learning Opportunities from Ransomware and Redline Infostealer Events Inside America’s Universities
Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…