China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says
The department notified lawmakers of the episode, which it said was linked to a state-sponsored actor in China. In a letter informing lawmakers of the episode, the Treasury Department said that it had been notified on Dec. 8 by a third-party software service company, BeyondTrust, that the hacker had obtained a security key that allowed it to remotely gain access to certain Treasury workstations and documents on them
US Treasury says China accessed government documents in 'major' cyberattack
Treasury officials attributed the December theft of unclassified documents to China. The Treasury said it was notified on December 8 by BeyondTrust, a company that provides identity access and remote support tech for large organizations and government departments, that hackers had “gained access to a key used by the vendor” for providing remote access technical support to Treasury employees. BeyondTrust disclosed the incident at the time, but did not say how the key was obtained.
Emerging Details of Chinese Hack Leave U.S. Officials Increasingly Concerned
Leaders of the big telecommunications companies were summoned to the White House to discuss strategies for overhauling the security of the nation’s telecommunications networks amid growing alarm at the scope of a Chinese hack.
Office of Public Affairs | Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charge
The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware.
The story behind HISAA
Health care breaches lead to legislation Highlights of the new standard include: Performing and documenting a security risk analysis of exposure Documentation of a business continuity plan (BCP) Stress test of resiliency and documentation of any planned changes to the BCP A signed statement by both the CEO and CISO of compliance * A third-party audit to certify compliance (no later than six months after enactment)
Lynx Ransomware: A Rebranding of INC Ransomware
Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics. Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics.
Anonymous Sudan Takedown: Akamai's Role
The United States Department of Justice (DOJ) recently announced the takedown of Anonymous Sudan, a prolific entity in the distributed denial-of-service (DDoS) space who are known especially for their politically motivated hacktivism. This takedown is a huge step toward making the internet a safer place, and it required significant effort from multiple parties, including Akamai.
Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World
A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world.
Crucial Texas hospital system turning ambulances away after ransomware attack
One of the largest hospitals in West Texas has been forced to divert ambulances after a ransomware attack shut down many of its systems last Thursday. The University Medical Center Health System in Lubbock confirmed on Friday that IT outages are being caused by a ransomware incident.
China-linked APT group Salt Typhoon compromised some US ISPs
China-linked threat actors compromised some U.S. internet service providers as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying out disruptive cyberattacks. The Wall Street Journal reported that experts are investigating into the security breached to determine if the attackers gained access to Cisco Systems routers, which are core network components of the ISP infrastructures.