September 3, 2024 at 06:51AM The City of Columbus, Ohio, initially downplayed the impact of a ransomware attack in July. Subsequently, the city sued a researcher, David Leroy Ross, for disclosing the extent of the incident. Ross revealed that the attack was more significant than reported and shared stolen data, causing the city to offer … Read more
August 27, 2024 at 05:03PM Young Consulting (now Connexure) is notifying 954,177 individuals of a data breach stemming from a BlackSuit ransomware attack on April 10, 2024. The breach exposed personal information, and those affected will receive free credit monitoring. BlackSuit has leaked the stolen data, and impacted persons are warned to be vigilant for … Read more
August 26, 2024 at 03:35PM Patelco Credit Union recently experienced a data breach due to a RansomHub ransomware attack earlier this year, leading to the theft of customers’ personal data. Based on the meeting notes, it appears that Patelco Credit Union has informed its customers about a data breach caused by a RansomHub ransomware attack … Read more
August 26, 2024 at 02:35PM The Port of Seattle, operating Seattle-Tacoma International Airport, is investigating a “possible cyberattack” causing computer outages and flight delays. The disruption led to long lines, manual ticketing, and terminal screen issues. The website remains offline as authorities work with federal partners to investigate. The attack coincides with a rise in … Read more
August 26, 2024 at 09:12AM The American Radio Relay League (ARRL) recently disclosed paying a $1 million ransom after a ransomware attack in May 2024. The attack disrupted internal systems, leading to encrypted devices. ARRL stated that the attackers compromised on-site and cloud-based systems prior to the attack. The association has taken measures for system … Read more
August 26, 2024 at 05:45AM Patelco Credit Union, based in California, reported a data breach by a ransomware group. The attack compromised personal data from its systems, affecting 726,000 customers and employees. The stolen information includes names, Social Security numbers, and email addresses. The organization is offering two years of free identity protection services and … Read more
August 22, 2024 at 05:43PM Qilin ransomware group deployed a custom stealer to harvest Google Chrome credentials, constituting a concerning shift in ransomware tactics. The attack involved gaining network access, 18 days of reconnaissance, credential theft via PowerShell script, event logs deletion, and ransomware deployment. Organizations are advised to prohibit browser secret storage, implement multi-factor … Read more
August 22, 2024 at 02:21PM US oil giant Halliburton confirmed a cyberattack on its Houston offices, engaging external experts to investigate and mitigate the threat. The breach, with ransomware hallmarks, impacted the north Houston campus and global networks. The oil industry remains a lucrative target for ransomware, as seen with Colonial Pipeline’s $4.4 million ransom … Read more
August 21, 2024 at 05:18AM US semiconductor supplier Microchip Technology disclosed a cyberattack impacting its manufacturing facilities. The company detected suspicious activity on its IT systems on August 17, affecting some operations. It isolated affected systems, called in cybersecurity advisors, and is working to restore normal business operations. It’s unclear whether the attack will have … Read more
August 19, 2024 at 03:22PM CISA warns of critical Jenkins vulnerability (CVE-2024-23897) exploited for remote code execution. Multiple PoCs published online with over 28,000 exposed instances. Trend Micro reports exploitation started in March, with recent breaches affecting Indian banks. CISA orders FCEB agencies to secure servers by September 9, urging all organizations to prioritize fixing … Read more