Apr 232018

Zack Whittaker reports:

Atlanta spent more than $2.6 million on recovery efforts stemming from a ransomware attack, which crippled a sizable part of the city’s online services.

The city was hit by the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. The ransom was set at around $55,000 worth of bitcoin, a digital cryptocurrency that in recent weeks has wildy fluctated in price.

But it’s understood that the ransom was never paid — because the portal used to pay the ransom (even if the city wanted to) was pulled offline by the ransomware attacker.

Read more on ZDNet.

Apr 232018

Sum Lok-kei reports:

Hong Kong’s second-largest residential broadband provider will purge the data of 900,000 former customers, as well as reducing how long it holds information, after a hack last week compromised the data of hundreds of thousands of customers.

Hong Kong Broadband Network (HKBN) announced the new security measures as CEO William Yeung Chu-kwong admitted on Monday the hacked personal information of 380,000 current and former customers was stored in an unencrypted database.

Read more on South China Morning Post.

Apr 232018

Brian Krebs reports:

MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians.

On Friday, KrebsOnSecurity learned that the portion of MEDantex’s site which was supposed to be a password-protected portal physicians could use to upload audio-recorded notes about their patients was instead completely open to the Internet.

Read more on KrebsOnSecurity.

Apr 232018

Ryan Ross reports:

The P.E.I. government’s website appears to have been the victim of a ransomware attack.

Visitors to some pages on the website this morning were met with a screen that said “Oops, your website have been encrypted!”

The page warned that files on the website were encrypted and no longer accessible.

Read more on The Guardian.

Miguel Gomez adds that the payment demanded by the attackers was 0.0057 BTC, approximately USD $50.00.

Read more about why Gomez thinks this was likely a strain of WannaCry on  Cryptovest.

Apr 232018

Mike Eckel reports:

U.S. authorities have demanded a nearly eight-year prison sentence for a Kazakh-born computer hacker, asserting that a harsh term would send a message to Russia’s main intelligence agency about hacking and espionage.

Federal prosecutors made the arguments in court filings in San Francisco ahead of the next hearing for Karim Baratov, who is scheduled to be sentenced on April 24.

The U.S. prosecution against Baratov has yielded glimpses into the role of Russian intelligence agencies — the Federal Security Service (FSB), first and foremost — using computer hackers, possibly in the theft of passwords, e-mails, and espionage.

Read more on RadioFreeEurope RadioLiberty