DDoS Attack Service Admin Behind 200,000 Attacks Face 35 Years in Prison
A federal jury in California, at the end of a nine-day trial, found an Illinois man guilty, who have operated several websites with paid DDoS attack services.
Source: https://QUE.com
After executing an investigation it was found that 32-year old Matthew Gatrel of St. Charles, Illinois allowed users to launch more than 200,000 DDoS attacks for which he may face 35-years in prison
continue reading: https://gbhackers.com/ddos-attack-service-admin-behind-200000-attacks-face-35-years-in-prison/
Researchers compile list of vulnerabilities abused by ransomware gangs
Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks.
All this started with a call to action made by Allan Liska, a member of Recorded Future’s CSIRT (computer security incident response team), on Twitter over the weekend.
Since then, with the help of several other contributors that joined his efforts, the list quickly grew to include security flaws found in products from over a dozen different software and hardware vendors.
continue reading: https://www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/
Cyberattack led to IT outage at 8 Texas cancer clinics: 36,000 exposed
QUE.com recommended this article for your situational awareness.
Austin (Texas) Cancer Centers began notifying 36,503 patients of a data breach that forced it to shut down its IT networks, according to data shared with the Maine attorney general’s office.
Six things to know:
- The cancer treatment network, which has eight locations, discovered Aug. 4 that hackers had deployed malware onto its systems, according to an Aug. 27 news release. The chain of cancer centers immediately shut down its IT network and law enforcement was contacted.
- Cybersecurity experts determined that hackers were able to stay invisible on the system since July 21. Austin Cancer Centers said that for security reasons, it took 14 days to identify, uncover and release the information. It also required its IT network to remain offline. The cancer treatment network notified Maine’s attorney general’s office Sept. 15, as required by Maine’s data breach laws that mandate reporting if at least one Maine resident was affected.
- The organization had to work manually to minimize patient disruption while its networks were offline.
- Austin Cancer Centers said it is unable to confirm if the attack was related to ransomware. The cancer center said it will release more information at a later time.
- Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. Its experts worked daily to fully restore its IT systems and restore operations, according to an Aug. 27 data breach notification letter.
- To prevent a similar situation from happening in the future, all employees with the Austin Cancer Centers have undergone retraining related to this incident. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.
Source: https://www.beckershospitalreview.com/cybersecurity/cyberattack-leads-to-it-outage-at-texas-cancer-clinics-exposing-36-000.html
UK armed forces confirm cyber as fifth dimension of warfare
The UK’s armed forces are planning to make significant investments in cybersecurity capabilities and skills over the next few years, according to the country’s military leaders.
Cyber’s status as the “fifth domain” of warfare – alongside sea, land, air, and more recently, space – is forcing defense forces across the West to change how they operate.
This re-evaluation ranges from prioritizing the protection of digital communications, through bolstering defensive and offensive cybersecurity capabilities to building skills.
continue reading: https://portswigger.net/daily-swig/uk-armed-forces-confirm-cyber-as-fifth-dimension-of-warfare
Four Months on From Sophisticated Cyberattack, Alaska’s Health Department Is Still Recovering
Alaska is still dealing with the fallout of a hack – and its health department warns members of the public that their personal data might have been stolen, too.
Some systems at the Alaska Department of Health and Social Services (DHSS) are still offline after being hit by a nation-state backed cyberattack in May.
As a result of the incident, an unknown number of people have potentially had their personal information stolen. This information could include full names, dates of birth, social security numbers, telephone numbers, health information, financial information and other data, which cyber attackers could exploit.
continue reading: https://www.zdnet.com/article/four-months-on-from-sophisticated-cyber-attack-alaskas-health-services-is-still-recovering/
Mafia Works Remotely, Too, It Seems: 100+ People Suspected of Phishing, SIM Swapping, Email Fraud Cuffed
Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday.
Most of those detained were cuffed in Spain, and the rest in Italy, by Spanish National Police, Italian National Police, Europol, and Eurojust, we’re told.
It’s claimed the suspects scammed hundreds of victims using phishing; SIM swapping attacks, in which crooks typically take control of people’s cellphone numbers to get account login tokens texted to them; and so-called business email compromise, in which fraudsters typically use bogus invoices and the like to trick company staff into transferring money to the thieves.
continue reading: https://www.theregister.com/2021/09/21/europol_arrests/
Chinese APT Data-Harvesting Campaign Analyzed
Earlier this month, cybersecurity company McAfee Enterprise’s Advanced Threat Research team, working with McAfee’s Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. The threat actor is suspected to be a nation-state Chinese group, and APT27 and APT41 are reportedly the most likely candidates.
continue reading: https://www.bankinfosecurity.com/chinese-apt-data-harvesting-campaign-analyzed-a-17581
Microsoft Investigates Outlook Issues With Security Keys, Search
Microsoft is investigating several issues impacting Outlook customers and leading to problems related to security keys, search results, and more.
As the company explains, some users cannot add Gmail accounts if they use security keys for multi-factor authentication.
continue reading: https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-outlook-issues-with-security-keys-search/
Read more Cyber Security News at https://que.com/tag/cybersecurity/
Thank you for reading and stay safe.
@yehey [ Witness ]