It would be great if the good guys had backups as good as the threat actors have. Threat actors who call themselves “ALTDOS” have re-emerged after a brief hiatus that had left this site wondering if something had happened to them following a joint advisory about them. ALTDOS has attacked a number of ASEAN firms,…
TrickBot gang member arrested after getting stuck in South Korea due to COVID-19 pandemic
Catalin Cimpanu reports: A Russian man was arrested last week at the Seoul international airport on accusations of developing code for the TrickBot malware gang. The man, identified in local media reports only as Mr. A, was arrested trying to leave South Korea for his native home in Russia after he’d been stuck in the…
Nevada Restaurant Services, Inc. Provides Notice Of Data Privacy Event
From the I-have-questions department: Nevada Restaurant Services reported that they experienced a breach in January of this year and that the threat actor was able to copy some of their files. The type of data varied by person but the notification stated that the scope of information potentially involved includes individuals’ name, date of birth,…
Chinese hackers behind July 2021 SolarWinds zero-day attacks
Catalin Cimpanu reports: In mid-July this year, Texas-based software provider SolarWinds released an emergency security update to patch a zero-day in its Serv-U file transferring technology that was being exploited in the wild. At the time, SolarWinds did not share any details about the attacks and only said that it learned of the bug from…
NC: Sandhills Center Provides Notice of Potential Data Theft
On July 30, 2021, DataBreaches.net reported on a claimed cyberattack against Sandhills Center in North Carolina. Data for sale had shown up on the “Marketo” site, and when DataBreaches.net looked at the “proof packs,” of data, they included psychological evaluations and other documents with personal and sensitive information. Much of the data was old, and…
Student files class action lawsuit against Syracuse University over data breach that affected 10,000
Michael Sessa reports: A Syracuse University student affected by a data breach that exposed the names and Social Security numbers of nearly 10,000 students, alumni, and applicants is suing the university for negligence. The class action lawsuit, which was filed in Onondaga County Supreme Court on Thursday, alleges that inadequate cybersecurity protocols and poor staff…