brumbo
brumbo.bsky.social
A pathetic creature of meat and bone
Reposted by brumbo
The City of Dallas has shifted the onus of the breach onto their victims. After unauthorized parties accessed everything from full names and addresses to SSNs and insurance info, The City of Dallas believes two years of credit monitoring is remediation🤦‍♂️
City of Dallas confirms unauthorized third party downloaded city data from servers in ransomware att...
A dedicated response center has been established by the city to help those who may have been affected by the attack.
www.wfaa.com
August 4, 2023 at 7:49 PM
Reposted by brumbo
These criminals stole 120,000 Bitcoin in 2016. They tried to tumble the coins, using mixers to obscure the origins of the funds, exchange some for gold, and employed other laundering tactics. Law enforcement recovered nearly all of the $4.5b stolen.
Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016
A married couple from New York pleaded guilty this week to laundering billions of dollars in proceeds of illegal activities.
securityaffairs.com
August 4, 2023 at 7:01 PM
Reposted by brumbo
why does rudy giuliani look like a goomba
August 3, 2023 at 11:58 PM
Reposted by brumbo
An ongoing attack has disrupted hospital operations in five states. Starting Thursday night, facilities operated by Prospect Medical Holdings in CA, TX, CT, RI, and PA have had service disruptions due to the attack. Patients are being routed elsewhere.
A Cyberattack Has Disrupted Hospitals and Health Care in Five States
A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted.
www.securityweek.com
August 4, 2023 at 7:22 PM
Reposted by brumbo
A malicious version of the legit vconnector, calling itself VMConnect, is trying to pass itself off as the legitimate version of the VMware vSphere connection module. It contains a base64 encoded string that executes on a separate process every minute.
Fake VMware vConnector package on PyPI targets IT pros
A malicious package that mimics the VMware vSphere connector module 'vConnector' was uploaded on the Python Package Index (PyPI) under the name 'VMConnect,' targeting IT professionals.
www.bleepingcomputer.com
August 4, 2023 at 7:42 PM
Reposted by brumbo
Embedding malware in exe's that appear trusted and benign has become a popular attack vector. As we saw with the OBS malvertising campaign, adversaries are using trusted software to compromise users looking to install or update these programs.
Fake TeamViewer Installer Used to Deliver njRAT Malware
www.hackread.com
July 15, 2023 at 8:11 PM
Reposted by brumbo
Storm-0558 targeted over two dozen organizations and compromised a Federal Civilian Executive Branch agency's email environments. This China-linked threat actor has focused on notable figures, departments, and think tanks.
Chinese hackers compromised emails of US Government agencies
China-linked threat actors have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency.
securityaffairs.com
July 15, 2023 at 7:45 PM
Reposted by brumbo
Vulnerabilities in Rockwell Automation PLCs' communication modules can result in RCE or DoS. Attackers can then do a variety of things like exfiltrate data, establish persistence, and more.
Critical RCE Vulnerability in Rockwell Automation PLCs Zaps ICS
Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites.
www.darkreading.com
July 13, 2023 at 10:19 PM
Reposted by brumbo
AI-assisted Business email compromise attacks are on the rise. Using maliciously trained models, these criminals are able to rapidly iterate while launching spearphishing campaigns. AI has greatly reduced the overhead associated with these attacks.
WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses
A black-hat alternative to GPT models specifically designed for malicious activities like BEC, malware, and phishing attacks is here, and will push organizations to level up with generative AI themsel...
www.darkreading.com
July 13, 2023 at 8:44 PM
Reposted by brumbo
French Law Enforcement is being enabled to use spyware for investigations. They intend to tap microphones, turn on cameras, and collect GPS data. They also can tap into laptops, in-car entertainment systems, and IoT devices.
France's government is giving the police more surveillance power
The French government is going to grant law enforcement the power to spy on suspects through smartphones and other devices.
securityaffairs.com
July 10, 2023 at 6:31 PM
Reposted by brumbo
Microsoft asserted that Anonymous Sudan is lying about their recent customer data acquisition. Microsoft claims they 'have seen no evidence' of customer data being compromised or accessed. Anonymous Sudan has been very active in their few years of activity.
Microsoft rubbishes Anonymous Sudan's claim of Stealing 30M accounts
www.hackread.com
July 5, 2023 at 8:43 PM
Reposted by brumbo
Akira follows the big dogs in developing Linux capabilities, broadening their scope with respect to ransomware attacks. Cl0p, Royal, and Ice Fire previously did the same. Akira is new on the scene but rapidly expanding, having disclosed 46 victims so far.
Newbie Akira Ransomware Builds Momentum With Linux Shift
A new version of the double-extortion group's malware reflects a growing trend among ransomware actors to expand cybercrime opportunities beyond Windows.
www.darkreading.com
June 29, 2023 at 8:16 PM
Reposted by brumbo
LetMeSpy is marketed towards employers and parents, enabling them to silently spy on their subordinates. During the breach, criminals exfiltrated emails, phone numbers, and SMS message contents. LetMeSpy logs locations and much more.
Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users' Personal Data
LetMeSpy, an Android phone monitoring app, suffers a major security breach, compromising sensitive data of thousands.
thehackernews.com
June 29, 2023 at 7:53 PM
Reposted by brumbo
A group claiming to be allied with the Wagner mercenaries has performed a cyber attack that has disabled Russian satellite operator Dozor. Dozor provides connections to utilities, oil fields, military units, the FSB and more! Signs point to Ukrainian ops.
Hackers attack Russian satellite telecom provider, claim affiliation with Wagner Group
The attackers released nearly 700 files associated with the attack.
cyberscoop.com
June 29, 2023 at 7:43 PM