Fresh off an intrusion by Conti last month, Costa Rica has been attacked by the Hive ransomware gang. According to the AP, Hive hit Costa Rica's Social Security system, and also struck the country's public health agency, which had to shut down its computers on Tuesday to prevent the spread of a malware outbreak. The Costa Rican government said at least 30 of the agency's servers were infected, and its attempt at shutting down systems to limit damage appears to have been unsuccessful.
The personal information of more than 30,000 students was found on an improperly secured Elasticsearch server, security researchers with SafetyDetectives report. The server, the researchers say, was left connected to the Internet and did not require a password to allow access to the data within. Thus, it exposed more than one million records representing the personally identifiable information (PII) of 30,000 to 40,000 students, the researchers estimate.
Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the hacking group began selling data allegedly stolen from Novartis on their Tor extortion marketplace for $500,000 in bitcoins.
Apple said this week that more than 343,000 iOS apps were blocked by the App Store App Review team for privacy violations last year, while another 157,000 were rejected for attempting to mislead or spam iOS users. The company added that it also blocked over 34,500 applications from getting indexed on the App Store because they were using undocumented or hidden features. Apple also removed 155,000 more apps for bait-and-switch tactics, such as adding new features or capabilities after approval.
Security researchers say there is the potential for significant impact on businesses worldwide, as millions of enterprise users depend on Microsoft Office to conduct business. The company has thus far only issued workarounds for the vulnerability. Microsoft warned late Monday that the vulnerability, if successfully exploited, could allow an attacker to install programs, change or delete data, or create new accounts.
On January 14th this year, a raid by Russian law enforcement authorities made headlines all over the world, as it resulted in the arrests of 14 members of the infamous Sodinokibi/REvil ransomware gang. The crackdown came after a series of talks between U.S. and Russian officials, including June's Geneva meeting between Presidents Biden and Putin. The Russian intelligence agency, FSB, confirmed that "the individual responsible for the attack on Colonial Pipeline last spring" was arrested as part of the raid.
The U.S. Federal Trade Commission (FTC) says over 46,000 Americans have reported losing more than $1 billion worth of cryptocurrency to scams between January 2021 and March 2022. This is a significant increase compared to last year's report issued by the FTC, when the agency revealed that roughly $80 million was lost to cryptocurrency investment scams based on around 7,000 reports.