Maine disclosed one of the most extensive U.S. state-affiliated MOVEit breaches to date, one that's representative of a compromise of its entire population. "Maine has determined that this incident has impacted approximately 1.3 million individuals, with the type of data affected differing from person to person," the state said Thursday. Maine's estimated population was 1,385,000 as of July 2022, according to the U.S. Census Bureau. READ MORE...
DP World, Australia's largest container terminal and supply chain operator, has been hit by a cyberattack that resulted in significant disruptions at several major Australian ports. In response to the attack, DP World disconnected its systems from the internet and shut down land operations at ports in Sydney, Melbourne, Fremantle and Brisbane. Ships could still unload their containers, but the incident has prevented freight from leaving the port. READ MORE...
The notorious LockBit ransomware group has leaked gigabytes of files allegedly stolen from the systems of aerospace giant Boeing. LockBit recently named Boeing on its leak website, claiming that "a tremendous amount of sensitive data" has been stolen, but later removed the company from its site, saying that negotiations had started. Boeing was later once again added to the LockBit website and data allegedly stolen from its systems has now been leaked, indicating that the company has refused to pay a ransom. READ MORE...
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. Threat actors are leveraging local ScreenConnect instances used by Transaction Data Systems (TDS), a pharmacy supply chain and management systems solution provider present in all 50 states. Researchers at managed security platform Huntress spotted the attacks and report seeing them on endpoints from two distinct healthcare organizations. READ MORE...
In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account. READ MORE...
For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. Underscoring the importance of their discovery, the researchers used their findings to calculate the private portion of almost 200 unique SSH keys they observed in public Internet scans taken over the past seven years. READ MORE...
The disruptive ransomware attack on the world's largest bank this week, the PRC's Industrial and Commercial Bank of China (ICBC), may be tied to a critical vulnerability that Citrix disclosed in its NetScaler technology last month. The situation highlights why organizations need to immediately patch against the threat if they haven't done so already. The so-called "CitrixBleed" vulnerability affects multiple on-premises versions of Citrix NetScaler ADC and NetScaler Gateway application delivery platforms. READ MORE...