Lawrence Abrams points us to some interesting findings by Advanced Intel, who pored through the Conti manuals and materials recently dumped by a disgruntled affiliate. An interesting tactic used by the ransomware gang is using the legitimate Atera remote access software as a backdoor for continued persistence. When conducting an attack, ransomware operations commonly deploy…
Secret terrorist watchlist with 2 million records exposed online
Ax Sharma reports: A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. Read more on BleepingComputer. The government wouldn’t respond to inquiries by BleepingComputer as to whether this was the government’s Terrorist Screening Center list, and whether…
Healthcare provider expected to lose $106.8 million following ransomware attack
Sometimes (but not always), breaches have steep consequences. Catalin Cimpanu reports: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. “Operating revenues and operating expenses for the quarter ended…
Exclusive: Attack on HVAC vendor gave threat actor access to Boston Children’s Hospital
If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly escaped potentially serious breaches when their HVAC vendor was hacked and the threat…
Hive ransomware attacks Memorial Health System, steals patient data
Yesterday, news broke that Memorial Health system in Ohio had been hit with a ransomware attack and that surgeries were being delayed. Today Ionut Ilascu reports more details, including that the attack appears to involve the Hive ransomware threat actors: BleepingComputer has seen evidence that the attackers have stolen databases with information belonging to 200,000…
JP Morgan Chase Bank Admitted Leaking Sensitive Data of its Customers
Ax Sharma reports: Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers. […] The issue is believed to have lasted between May 24th and July 14th this year, and impacted both online banking and Chase Mobile app customers who…