InfoSecBulletin Cybersecurity for mankind
Since its inception, the BlackCat ransomware group (aka ALPHV) has created quite some havoc among organizations across the world. It recently hit a Canadian software firm and threatened to leak a massive trove of data. On the topic of data breaches, the March attack on NextGen Healthcare impacted over a million people – revealed a new update. In other news, France is facing some serious trouble as a pro-Russian threat actor took down many government websites, including one belonging to the French Senate. Here’s everything that transpired over the weekend.
01
Canadian software company Constellation Software suffered a data breach from the ALPHV ransomware gang, who stole over 1 TB of files and threatened to leak them if the company refused to pay the ransom.
02
NextGen Healthcare began notifying about one million people that their personal data, including names, birth dates, addresses, and SSNs, was exposed in the March security breach.
03
The Money Message group leaked MSI‘s private code signing keys for firmware images used on 57 products and private signing keys for Intel Boot Guard used on 116 products on the dark web.
04
Catholic Health‘s long-term care residents may have been affected by a data breach that targeted Minimum Data Set Consultants (MDS), a firm that provides consulting services to skilled nursing facilities.
05
Akira ransomware is targeting corporate networks globally and has already attacked 16 companies in industries such as education, finance, real estate, manufacturing, and consulting – discovered MalwareHunterTeam.
06
Pro-Russian threat group NoName launched a DDoS attack on the French Senate‘s website, causing it to go offline. Other victims claimed by the group include the French National Institute of Labour, Employment and Vocational Training, and others.
07
Western Digital took its store offline and confirmed that the hackers pilfered customer names, billing and shipping addresses, contact details, partial credit card numbers, and hashed passwords in the March cyberattack.
08
The Crown Princess Mary Cancer Centre in Sydney has reportedly been targeted by the Medusa ransomware group that is demanding a ransom of $100,000 by Friday.
09
Hackers claiming to have breached Socrates Academy and Movement School in Matthews posted folders containing sensitive information—copies of checks, PayPal payments, tax information, and others—on Twitter.
10
A new ransomware operation called Cactus was found using encryption to protect its binary exploiting known vulnerabilities in Fortinet VPN appliances for initial network access.
