In a joint public service announcement, CISA and the FBI are alerting American citizens that ransomware disruptions during voting periods will not disrupt the security of vote casting or counting. In prior elections, malicious actors have tried to manipulate public opinion and undermine the electoral process by spreading or amplifying false information. However, in the past, successful ransomware attacks on elections have remained localized. READ MORE...
After a long lull, cyber threats to the 2024 US elections spiked in recent days. Are parties, campaigns, and officials prepared for the moment? In just the last week, news broke of a Telegram bot collecting compromised credentials relating to the Democratic party and its National Convention (DNC). A candidate for president falsely accused his opponent of using artificial intelligence (AI) to make herself appear more popular. READ MORE...
New York City-based nonprofit healthcare organization Jewish Home Lifecare has revealed that a data breach disclosed earlier this year impacts more than 100,000 individuals. Jewish Home Lifecare, which is now called The New Jewish Home and which specializes in providing healthcare services to the elderly, informed customers in February that it had discovered unusual activity on its network on January 7. READ MORE...
The City of Flint, Michigan, is scrambling to restore network systems impacted by an August 14 ransomware attack that knocked some of its online services offline. The attack impacted the city's payment and communication services, but did not affect emergency services, including 911, dispatch, law enforcement, and fire operations, Flint said in an incident notice on its website, which is hosted on a separate server and was not affected. READ MORE...
The Oregon Zoo is notifying roughly 118,000 individuals that their names and payment card information was stolen from its online ticketing service. The incident was identified on June 26 and resulted in names, payment card numbers, CVVs, and expiration dates being exfiltrated. According to the zoo, threat actors redirected transactions from the third-party vendor that processed online ticketing purchases for Oregon Zoo. READ MORE...
Interactive intrusions, attacks involving hands-on-keyboard activities within a victim's environment, were up 55% in the last year, CrowdStrike said last week in a threat hunting report. The cybersecurity vendor's threat intelligence outfit attributed nearly 9 in 10 interactive intrusions to e-crime activity during the one year period ending June 30. Hands-on-keyboard attacks jumped 75% in the healthcare sector and 60% in the technology industry, the report found. READ MORE...
Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific. Discovered by Sophos analysts after a failed attack and dubbed EDRKillShifter, the malware leverages legitimate but vulnerable drivers on Windows machines to deliver ransomware to targets. Both variants tested by Sophos analysts make use of known vulnerable drivers with publicly available proofs of concept. READ MORE...
OpenAI identified and banned a cluster of accounts this week that the company said Friday were part of a "covert Iranian influence operation" that generated content related to a variety of issues, including the U.S. presidential elections. The news comes less than a week after former President Donald Trump's campaign said that it had been compromised by a cyber operation that Microsoft linked to Iran's Islamic Revolutionary Guard Corps (IRGC). READ MORE...
IT admins usually know what to watch out for when end users are creating weak, easy-to-guess passwords. However, a common yet overlooked type of weak password are keyboard walk patterns. A keyboard walk password typically refers to a password created by moving sequentially over the keyboard keys in a pattern that resembles walking. These are passwords formed by keys that are next to each other on the keyboard, such as 'qwerty' or 'asdfgh'. READ MORE...