Apr 18 2019
 

Keith Edwards reports:

A malicious computer virus that hit the city overnight and froze the city’s computer network forced the closure of Augusta City Center Thursday.

The virus, which officials said was intentionally inflicted upon the city’s servers, also shut down computers used by public safety dispatchers — but not the city’s phone system or the public safety radio system relied upon for dispatchers, police, fire and ambulance staff in the field to communicate.

Dispatchers, who don’t have access to their usual computer-aided dispatching system, are tracking calls and the activity and whereabouts of police officers, firefighters and ambulance crews manually.

Read more on Sun Journal.

Thanks to the reader who sent in this link!

Apr 18 2019
 

Hacktivism has seen a resurgence recently, fueled in no small part by the arrest of Julian Assange. #Op hashtags for the UK, Sweden, and Ecuador signal the intent of the attackers.

The police.uk site was back up at the time of this posting, but that was just one site hit. Rogue Media Labs reported that @Cyberghost404 of the Philippine Cyber Eagles (@PhCyberEagles) released a data dump with data from more than two dozen UK police-related agencies. The data dump, obtained by DataBreaches.net, does not appear to leak particularly sensitive personal information, and it is not clear what site the data were obtained from. The files, including spreadsheets on stop-and-searches, organized by police unit/location, and outcomes, seem to be February data that was accessed or dumped at the beginning of April.

I suppose the question for now is: what other files might these hacktivists have acquired that they have yet to dump?

Apr 17 2019
 

Hell hath no fury like a vengeful insider, Wednesday edition. Catalin Cimpanu reports:

In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten.

The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous nevertheless.

[…]

Read more on ZDNet.

Apr 16 2019
 

John Hultquist, Ben Read, Oleg Bondarenko, and Chi-en Shen of FireEye explain:

In early 2019, FireEye Threat Intelligence identified a spear phishing email targeting government entities in Ukraine. The spear phishing email included a malicious LNK file with PowerShell script to download the second-stage payload from the command and control (C&C) server. The email was received by military departments in Ukraine and included lure content related to the sale of demining machines.

This latest activity is a continuation of spear phishing that targeted the Ukrainian Government as early as 2014. The email is linked to activity that previously targeted the Ukrainian Government with RATVERMIN. Infrastructure analysis indicates the actors behind the intrusion activity may be associated with the so-called Luhansk People’s Republic (LPR).

Read more on FireEye.

Apr 15 2019
 

Terry Bridge reports:

Stratford city hall was the target of an apparent cyber-attack, but officials do not believe personal information was compromised.

The city first acknowledged the incident Sunday night in a Facebook post. Stratford Mayor Dan Mathieson said Monday the city has determined it was a ransomware attack, but IT staff “found no evidence of a data theft or transfer.” He added the city is working with security experts and law enforcement agencies on how best to proceed.

Read more on The London Free Press.