-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Jun 30, 2023
> Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “SIM swapping,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.
> What is Black Basta Ransomware? Black Basta is a threat group that provides ransomware-as-a-service (RaaS).
> On its website, Perpetual lists Tech Mahindra as its registry provider. The Indian firm has suffered a ransomware attack that came to light in March 2021, when its Smart City Project in Pune crippled 25 of its servers.
> Perpetual has about $210 billion in funds under management. The company said it had previously reported an extended outage as a result of the incident.
> A newly emerged ransomware known as Akira expands its operations to target Linux-based platforms which add the “.akira” file extension to each compromised file.
> By targeting ESXi servers, a threat actor can encrypt many servers running as virtual machines in a single run of the ransomware encryptor.
> Security updates have been issued by Debian (chromium and maradns), SUSE (iniparser, kubernetes1.23, python-reportlab, and python-sqlparse), and Ubuntu (accountsservice and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon).
> Global hackers that took aim at a foreign government have also claimed responsibility for a data breach at Lumberton ISD, according to an email sent to an East Texas newspaper. Wanting to warn the local school district’s stakeholders about the compromised intel, staff from the out-of-town daily reached out to The Examiner with the news on June 26. […]
> According to Edwards, the email from Rhysida contained attachments showing W-9 files, Social Security cards, Texas Driver licenses, passports, a substitute teacher’s application form, spread sheets that appear to contain Social Security numbers of students or employees, a vendor form with a Social Security number and tax identification number, and addresses from Lumberton ISD.
> The notice does not state when they first discovered the breach, but only that “Upon learning of the incident, Barrow County promptly began an internal investigation and engaged a forensic security firm to investigate the incident and secure its computer and email systems.”
> A ransomware attack discovered at Chattanooga State Community College in May compromised the personal information of 1,244 people, according to the college.
> The majority of the people affected had taken the GED test at the college’s testing center in 2012 and 2013, the college said in a news release Tuesday.
> The attack exposed personal information from pilot applicants, prompting both airlines to ditch their third-party provider and move services internally.
> A lawyer in Cherry Hill, New Jersey, has been censured after acknowledging that he “fell into stupid” and accessed his former law firm’s computer system to monitor his former partner’s business activity.
> The New Jersey Supreme Court censured lawyer Justin L. Scott in a May 31 order, Law360 reports.
> The New Jersey Supreme Court’s disciplinary review board had recommended a censure in an October 2022 decision.
> NHS details of more than a million patients have been compromised in a cyberattack, senior health chiefs have been warned.
> A recent ransomware attack on the University of Manchester affected an NHS patient data set that holds information on 1.1 million patients across 200 hospitals, leaks to The Independent have confirmed.
> Among the details potentially exposed are NHS numbers and the first three letters of patients’ postcodes.
> A Whitworth University student is asking a federal judge to approve a class action against the school for damages stemming from a ransomware attack discovered in July 2022 that affected more than 65,500 people.
> The lawsuit, filed Thursday in U.S. District Court in Spokane, alleges Whitworth was negligent in allowing a still-unidentified attacker to access health, financial and personal data of past and present students, staff and faculty. It was filed by Patrick Loyola, identified in court documents as a student at the time of the attack. The university initially reported the incident as a “sophisticated security issue” in August before informing the Washington attorney general’s office in October that a ransomware attack had occurred.
> After a cybersecurity audit mistakenly reset everyone’s password, a high school changed every student’s password to “Ch@ngeme!” giving every student the chance to hack into any other student’s account, according to emails obtained by TechCrunch.
> Last week, Oak Park and River Forest (OPRF) High School in Illinois told parents that during a cybersecurity audit, “due to an unexpected vendor error, the system reset every student’s password, preventing students from being able to log in to their Google account.”
> The Henrietta Johnson Medical Center in Delaware has posted notice that some patient data was involved in a breach at Delaware Health Network (“DHN”). DHN is a healthcare-controlled network provider and electronic health records management provider that provides services to Henrietta Johnson Medical Center (“HJMC”) and other entities.
> According to HJMC’s notice, DHN experienced a “cyber event” that began on April 5. That incident involved unauthorized access to systems and the copying of certain files. And also according to their notice, to date, DHN has not identified the precise patient data that may have been impacted. Unsurprisingly, then, HJMC submitted a report to HHS on June 27 that indicated 500 patients were affected, which DataBreaches interprets as a marker for “Hey, we know we have more than 500 patients affected and we have to report within 60 days, so we’re letting you know we had a breach.”
-- Response ended
-- Page fetched on Thu Jun 13 21:59:56 2024