It appears that a third-party vendor has quietly paid ransom to unidentified threat actors. In a press release yesterday, Renaissance Life & Health Insurance Company of America says they were notified on June 1 by their vendor, Secure Administrative Solutions LLC (“SAS”), of a ransomware incident that involved unauthorized access to its systems occurred between…
EE: RIA unlikely to be fined over mass photo hack, victims not compensated
ERR News reports that a recently reported data security incident is unlikely to result in any monetary penalty or compensation claims: A recent hack by a single individual of close to 300,000 personal identification photos from the State Information System (RIA) is unlikely either to result in compensation to those whose data was stolen, or…
New destructive Meteor wiper malware used in Iranian railway attack
Lawrence Abrams reports: A new file wiping malware called Meteor was discovered used in the recent attacks against Iran’s railway system. Earlier this month, Iran’s transport ministry and national train system suffered a cyberattack, causing the agency’s websites to shut down and disrupting train service. The threat actors also displayed messages on the railway’s message boards…
Ransomware via a call centre? BazaCall means no email attachment or link required for infection
Graham Cluley writes: Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers. Microsoft has warned that fraudulent emails are being sent out, attempting to trick users into calling a phone number operated by a cybercrime group. Read more…
DOJ says SolarWinds hack impacted 27 state attorneys’ offices
Catalin Cimpanu reports: The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon. Read more on…
Illinois AG Raoul Spends $2.5M On Ransomware Hack: Report
Jeff Arnold reports: Illinois Attorney General Kwame Raoul’s office spent more than $2.5 million for cybersecurity after a ransomware hack in April that put the personal data of an unknown number of residents at risk and came after federal authorities told him that his office’s cybersecurity systems were lacking. …. In the meantime, Raoul’s office…