US Defense Contractor Discloses Data Breach

Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email...

bZx Network Hacked for $55M

Vishal Chawla reports: bZx, a widely-used DeFi protocol, has lost $55 million to an unknown hacker who it claims gained illegitimate access to its private key. It is still not clear how the hackers carried out the attack. Read more on Crypto Briefing, although not much is known at the time of this posting.

INTERPOL-led operation takes down prolific cybercrime ring

Interpol has released more details about the June 2021 takedown and arrest of people associated with CLOP and other groups. The following is today’s press release: SEOUL, Korea – A 30-month transcontinental investigation and operation has resulted in arrests and Red Notices for suspects believed to be behind a global malware crime network. Two Red...

Black Shadow hackers leak medical records of 290,000 Israeli patients

The Times of Israel reports: In its second major leak in a day, the Black Shadow hacking group on Tuesday night uploaded what it said was the full database of personal information from Israel’s Machon Mor medical institute, including medical records of some 290,000 patients. The directory reportedly includes information on patients’ blood tests,...

What happened, Friday edition

It’s often quite difficult to code incidents for analysis purposes. Consider the following notification’s description of what happened, as one example: Mesa, AZ: November 3, 2021 – Baywood Medical Associates, PLC dba Desert Pain Institute (“DPI”), a health care provider specializing in pain management located in Mesa, Arizona, has become aware of a data security...

Cyberattack Hits Multiple Greek Shipping Firms

The Maritime Executive reports: Multiple Greek shipping companies have been hit by a ransomware attack that spread through the systems of a popular, well-established IT consulting firm, according to Greek outlet Mononews. Danaos Management Consultants, the IT service provider whose services were affected by the hack, confirmed the incident and. The company said that...

CISA urges vendors to patch BrakTooth bugs after exploits release

Sergiu Gatlan reports: Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress. Collectively known as BrakTooth, these 16 flaws impact commercial Bluetooth stacks on over 1,400 chipsets used in billions of devices such...

US sanctions four companies selling hacking tools, including NSO Group & Candiru

Catalin Cimpanu reports: The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. Read more on The Record.

Conservatives call for investigation into government data breaches that may have put Afghans in danger

CBC reports: The Conservatives have written to Privacy Commissioner Daniel Therrien to complain about a pattern of data breaches at Immigration, Refugees and Citizenship Canada (IRCC), CBC News has learned. The complaint is in response to a string of misdirected emails last month that may have exposed hundreds of vulnerable Afghans to danger. Read more on...

Reward Offers for Information to Bring DarkSide Ransomware Variant Co-Conspirators to Justice

Press Statement, Ned Price, Department Spokesperson, November 4, 2021: The U.S. Department of State announces a reward offer of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group. In addition, the Department is also...