Dan Diamond reports: A cyberattack took Maryland’s health department offline this weekend, as officials worked to assess the extent of the intrusion. “The Maryland Security Operations Center is investigating a network security incident involving the Maryland Department of Health,” Andy Owen, a department spokesman, said in a statement to The Washington Post. “Certain systems have…
U.S. State Department phones hacked with Israeli company spyware – sources
Christopher Bing and Joseph Menn report: Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter. The hacks, which took place in the last several months, hit U.S. officials either based…
Utility biz Delta-Montrose Electric Association loses billing capability and two decades of records after cyber attack
Gareth Corfield reports: A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades’ worth of records and knocked out billing systems that won’t be restored until next week at the earliest. The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on…
TSA issues security rules for rail operators
Lindsey O’Donnell-Welch reports: New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents. Starting on Dec. 31, “high-risk” operators and owners across the rail sector must take a number of steps to bolster the cybersecurity of their systems. They must…
Bitmart hacked; Estimated loss of $200M
Lipka Deka reports: Crypto exchange firm Bitmart suffered a large-scale hack incurring a total loss of approximately $200 million. The news was first brought to attention by security analytics entity PeckShield Inc, who raised an alarm of the reported breach on Saturday night. PeckShield sent out the tweet detailing the suspicious amount of outflows of a…
Who Is the Network Access Broker ‘Babam’?
Brian Krebs reports: Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In this post we’ll look at…