IT Security Newsletter - 10/4/2022
FBI: We tracked who was printing secret documents to unmask ex-NSA suspect
A 30-year-old ex-NSA employee was accused by the FBI of trying to sell classified US information to a foreign government - after the Feds said they linked him to the printing of secret documents. The FBI also claimed it followed payment for the information as it moved from a cryptocurrency exchange to the former staffer's personal bank account. Jareh Sebastian Dalke allegedly began communicating with who he believed to be a foreign agent on July 29.
CommonSpirit Health says it experienced 'IT security incident' in multiple regions
CommonSpirit Health, one of the nation's largest health systems, said it experienced an "IT security incident" on Monday at an undisclosed number of facilities in multiple regions. "This is impacting multiple CommonSpirit divisions," spokesperson Chad Burns told Healthcare Dive in an emailed statement. CommonSpirit operates 140 hospitals and more than 1,500 sites of care across 21 states.
Los Angeles schools' data leaked after ransomware attack
Data stolen from the Los Angeles school system during a ransomware attack last month began appearing online Sunday. Vice Society, the prolific threat actor behind the attack, released data two days earlier than the deadline it set for a ransom payment. The potential damage caused by the data breach and leak remains unclear, but some Social Security numbers and W-9 forms were exposed, according to the Los Angeles Times.
Optus Says ID Numbers of 2.1 Million Compromised in Data Breach
Australian telecommunications company Optus says that 2.1 million of its customers had numbers associated with their identification documents compromised in a recent data breach. On September 22, the wireless carrier announced it had fallen victim to a cyberattack that resulted in the potential compromise of the personally identifiable information of some of its customers, without providing specifics on the number of impacted individuals.
FBI warns of "Pig Butchering" cryptocurrency investment schemes
The Federal Bureau of Investigation (FBI) warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors. The warning was issued as a Private Industry Notification from the FBI Miami Field Office in coordination with the Internet Crime Complaint Center (IC3) yesterday to raise awareness among cryptocurrency investors who are increasingly being targeted by these types of scams.
Romance scammer deepfakes Mark Ruffalo to con elderly artist
Deepfakes have settled into a groove, as most scam techniques do. It seems most deepfakers have decided to make as much cash as possible from unsuspecting victims instead of doing anything particularly earth-shattering with their technology. One curious twist we may not have seen coming is the mashup of deepfake and romance scam, though this is a natural fit in many ways. Create a fictional entity, move from email to bogus video communications, and extract funds via wire transfer or a money-centric app.
Bumblebee Malware Loader's Payloads Significantly Vary by Victim System
A new analysis of Bumblebee, a particularly pernicious malware loader that first surfaced this March, shows that its payload for systems that are part of an enterprise network is very different from its payload for standalone systems. On systems that appear to be part of a domain - for example, systems that might share the same Active Directory server - the malware is programmed to drop sophisticated post-exploitation tools such as Cobalt Strike.
Web browser app mode can be abused to make desktop phishing pages
A new phishing technique using Chrome's Application Mode feature allows threat actors to display local login forms that appear as desktop applications, making it easier to steal credentials. The Application Mode feature is available in all Chromium-based browsers, including Google Chrome, Microsoft Edge and the Brave Browser. It can generate realistic-looking login screens that are hard to differentiate from a legitimate login prompt.
Critical Vulnerabilities Expose Parking Management System to Hacker Attacks
Nearly a dozen vulnerabilities have been found in a car parking management system made by Italian company Carlo Gavazzi, which makes electronic control components for building and industrial automation. The flaws were discovered by researchers at industrial cybersecurity firm Claroty in Carlo Gavazzi's CPY Car Park Server and UWP 3.0 monitoring gateway and controller products. The vendor released patches for the impacted products earlier this year.
- ...in 1927, sculptor Gutzon Borglum begins carving the heads of four US presidents on Mount Rushmore.
- ...in 1957, Sputnik I is launched, making it the first artificial satellite to orbit the Earth.
- ...in 1965, Pope Paul VI arrives in New York, the first Catholic pontiff ever to visit the United States and the Western hemisphere.
- ...in 2004, SpaceShipOne wins the Ansari X Prize, by being the first privately-funded craft to fly into space.