Following the news that a media monitoring firm Isentia in Australia has been hit by a ransomware attack, impacting their work with government departments and the Australian Stock Exchange, please find a comment below security experts:
Author: ISBuzz Team
In the last few years, the MITRE ATT&CK framework has been key to many organisations combatting cyber threats. Essentially the framework is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations of cyberattacks. The objective of the framework is to create a comprehensive list of known adversary tactics and techniques used during a cyberattack. Open to government, education, and commercial businesses, it allows the collection of a wide and exhaustive range of attack stages and sequences. The mapping of the framework data, summarised as threat information, is ultimately one of the main activities that an IT security department will undertake. There are two ways that the data can be used by organisations for threat intelligence; they can be either consumers or producers.…
A data breach at Vastaamo, a Finnish nationwide psychotherapy practice, has resulted in the blackmailing of hundreds of patients. Excerpts (via Google Translator) of Vastaamo’s press release: “The Board of Directors of Psychotherapy Center has relieved the company’s CEO from office… On Wednesday, October 21, 2020, the psychotherapy center said that it had been the victim of a data breach and blackmail… it seems probable that the data breach that led to the theft of the customer database took place in November 2018. There has been a lack of protection in the customer information system of the correspondence, which criminals…
Following the news of the data breach at Vastaamo Psychotherapy clinic in Finland, it’s clear that when it comes to ransom-worthy personal details no data is safe, no matter how sensitive. Taking risks with cybersecurity is no longer an option especially in the healthcare industry.
Amazon has fired employees responsible for a customer data leak. Twitter has been abuzz as it is unknown how widespread the breach is and how many customers have been affected. The email sent by Amazon to affeted customer is read as follow: “We are writing to let you know that your e-mail address was disclosed by an Amazon employee to a third-party in violation of our policies. As a result, we have fired the employee, referred them to law enforcement, and are supporting law enforcement’s criminal prosecution.” “No other information related to your account was shared. This is not a result of…
A massive data breach suffered by the Nitro PDF service has impacted many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. Claimed to be used by over 10 thousand business customers and 1.8 million licensed users, Nitro is an application used to create, edit, and sign PDFs and digital documents. On October 21, Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a “low impact security incident” but that no customer data was impacted. Cybersecurity intelligence firm Cyble has revealed that a threat actor is selling the user and document databases, as…
As reported by CNN, Georgia county is ground zero for what may be the first ransomware attack to hit election infrastructure this political season. The attack on Hall County —located roughly an hour north of Atlanta — was disclosed on Oct. 7, but the impact on election infrastructure is only now coming to light. Among the county’s affected systems were a voter signature database, as well as a voting precinct map hosted on the county’s website, according to Katie Crumley, a Hall County spokesperson. The attackers in this case do not appear to have specifically targeted election systems; other county functions,…
Researcher Graham Cluley published that European IT services and digital transformation giant Sopra Steria has been hit by a ransomware attack. Sopra Steria employs 46,000 in 25 countries and generated revenue of €4.4 billion in 2019.
News reports last week revealed that US national security officials say Iran and Russia are responsible for sending threatening emails to Democratic voters ahead of next month’s presidential election. According to the news, Russians are breaking into state and local networks and exfiltrating data, while Hall County in Georgia has reported the first known ransomware attack on election infrastructure during the current election cycle. The FBI and CISA reported in a joint statement that Russian state-sponsored hackers obtained user and administrator credentials to target the computer networks of state and local governments, successfully infiltrating data from at least two victim…
New research suggests many organisations struggle to obtain high-quality threat data to guide key security decisions Neustar, Inc., a global information services and technology company and a leader in identity resolution, has released a new report from the Neustar International Security Council (NISC) which shows that organisations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh. Just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the…
