A bunch of people have alerted me to a vulnerability in #MoveIT, a secure file transfer app used heavily in the UK.
I did some digging and it looks like it’s a zero day under active exploitation. Not 100% on threat actor yet but it may be one of the ransomware/extortion groups.
Really serious, impacted orgs should shut down the server. Thread follows. #threatintel
RiteAid was just one of many victims of the #MOVEit#databreach by #Clop. Now they're being sued by plaintiffs who call them "reckless" and "negligent" for not having encrypted the protected health information.
Imagine if every covered entity or business associate who didn't encrypt #PHI got hacked was sued over a vendor breach.
In this day and age where healthcare entities are under siege, is it somewhat reckless or negligent not to encrypt? And if not, will it ever be generally considered reckless and negligent?
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #26/2023 is out! It includes, but not only:
➝ 🦠 🇺🇸 Schools say US teachers’ retirement fund was breached by #MOVEit hackers
➝ 🇨🇳 🇺🇸 Chinese spy #balloon did not collect information over US, #Pentagon says
➝ 🇨🇳 🦠 #TSMC Says Supplier Hacked After #Ransomware Group Claims Attack on Chip Giant
➝ 🇷🇺 Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
➝ 🇷🇺 🛰️ Hackers attack Russian #satellite telecom provider, claim affiliation with #WagnerGroup
➝ 🇬🇧 ⚕️ More than a million #NHS patients’ details compromised after cyber attack
➝ 📊 🐛 #MITRE releases new list of top 25 most dangerous software #bugs
➝ 🇷🇺 Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
➝ 💻 🛡️ #Brave Browser boosts privacy with new local resources restrictions
➝ 🦠 🏦 Anatsa Banking #Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
➝ 🇺🇸 💵 White House releases cybersecurity budget priorities for FY 2025
➝ 🇺🇸 🇧🇷 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
➝ 🇬🇧 🔐 #Apple speaks out against bill that could mandate #CSAM scanning in iMessage
➝ 🇵🇭 2,700 People Tricked Into Working for Cybercrime Syndicates Rescued in #philippines
➝ 🇩🇪 ⚡️ #Siemens Energy confirms data breach after MOVEit data-theft attack
➝ 🕵🏻♂️ 📱 #LetMeSpy, a phone tracking app spying on thousands, says it was hacked
➝ 🦠 💰 Prominent #cryptocurrency exchange infected with previously unseen Mac #malware
➝ 🤖 📝 #LLMs and #IncidentResponse? It Starts with Summarization
➝ 🇺🇸 👨🏻🎓Hackers steal data of 45,000 New York City students in MOVEit breach
➝ 🇨🇦 ⛽️ Suncor Energy cyberattack impacts Petro-Canada gas stations
➝ 🦠 🕹️ Trojanized Super Mario Game Installer Spreads SupremeBot Malware
➝ 🇩🇪 💾 SSD missing from #SAP datacenter turns up on #eBay, sparking security investigation
When Grab PH bought motorcycle taxi app Move It, I thought I would become a 1st-time customer of that service. I use Grab, so it already has my info. I wouldn't need to sign up and type all my details. How convenient.
But Move It wasn't integrated into the Grab app. Instead, I would have to download a new app.
Progress Software is having an interesting time. First #MOVEit, now multiple #vulnerability disclosures for their #WS_FTP product. The silver lining here is that it doesn’t look like any of these are known to have been exploited in the wild. (Yet?)
But out of curiosity, we looked at the Internet exposure of WS_FTP instances with the Ad Hoc Transfer module installed, read about it here ⬇️
Datenleck bei Banken: Hackerangriff betrifft auch ING und Comdirect
Der Hackangriff bei einer Arvato-Tochter betrifft nicht nur Kunden der Deutschen Bank. Auch die ING und Comdirect haben einen unbefugten Zugriff eingeräumt.
More US universities have disclosed #MOVEit-related breaches via #NSC and/or #TIAA: Chapman, Xavier, Southern Utah, Utah Tech, St Mary’s and Lake-Sumter State College. #CU#XU#SUU#UTU#SMU#LSSC
Current victim count: 187
Individuals impacted: 17.552.619
US schools impacted: 17
Clop just removed Maximus - which provides IT for Medicaid, Medicare and more gov't programs - after the company confirmed 10 million people may have had their info accessed
This week, Nuance (a MSFT-owned tech firm) disclosed a number of their clients who are HIPAA-covered entities were affected by the MOVEit breach. They did not reveal numbers and their disclosure is not on HHS's public breach tool yet.
This time, it's (get this...) my employer's Canadian subsidiary's group health plan's provider's banking partner's provider of file transfer services, #MOVEit.
"The type of #data accessed could include any of..." <everything needed for #identity#theft>, and as an extra-special bonus, "#Health information relating to a claim"!