Tag Archive for: Lists

Rhysida ransomware group lists British Library data for sale

/in


Rhysida ransomware group lists British Library data for sale

Following the confirmation that the major outage it has been suffering since last month was the result of a cyber attack, data belonging to the British Library is reportedly for sale by the Rhysida ransomware group.

The threat actor posted a low-resolution image to its leak site with sample data, including passports and employment documents.

“With just seven days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” the ransomware group said on its leak site.

“Open your wallets and be ready to buy exclusive data.

“We sell only to one hand, no reselling, you will be the only owner.”

Rhysida held an auction to sell the stolen data, with the deadline for bidding ending on 27 November at 8am UTC.

The British Library is yet to confirm that the claims made by Rhysida are true, but it has taken to X (formerly Twitter) to say that its services are still down and that it is aware that some data was stolen.

“We’re continuing to experience a major technology outage as a result of a cyber attack, affecting our website, online systems and services, and some onsite services too,” said the British Library.

“We anticipate restoring many services in the next few weeks, but some disruption may persist for longer.

“Following confirmation last week that this was a ransomware attack, we’re aware that some data has been leaked. This appears to be from our internal HR files.”

Despite data having been stolen, the British Library has failed to find any evidence that the data has been used. However, it has engaged security measures just in case.

“We have no evidence that data of our users has been compromised.

“In the meantime, we’ve taken targeted protective…

Source…

Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities

/in


Clop, the ransomware gang responsible for exploiting a critical security vulnerability in a popular corporate file transfer tool, has begun listing victims of the mass-hacks, including a number of U.S. banks and universities.

The Russia-linked ransomware gang has been exploiting the security flaw in MOVEit Transfer, a tool used by corporations and enterprises to share large files over the internet, since late May. Progress Software, which develops the MOVEit software, patched the vulnerability — but not before hackers compromised a number of its customers.

While the exact number of victims remains unknown, Clop on Wednesday listed the first batch of organizations it says it hacked by exploiting the MOVEit flaw. The victim list, which was posted to Clop’s dark web leak site, includes U.S.-based financial services organizations 1st Source and First National Bankers Bank; Boston-based investment management firm Putnam Investments; the Netherlands-based Landal Greenparks; and the U.K.-based energy giant Shell.

GreenShield Canada, a non-profit benefits carrier that provides health and dental benefits, was listed on the leak site but has since been removed.

Other victims listed include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources; American manufacturer Leggett & Platt; Swiss insurance company ÖKK; and the University System of Georgia (USG).

A USG spokesperson, who did not provide their name, told TechCrunch that the university is “evaluating the scope and severity of this potential data exposure. If necessary, consistent with federal and state law, notifications will be issued to any individuals affected.”

Florian Pitzinger, a spokesperson for German mechanical engineering company Heidelberg, which Clop listed as a victim, told TechCrunch in a statement that the company is “well aware of its mentioning on the Tor website of Clop and the incident connected to a supplier software.” The spokesperson added that the “incident occurred a few weeks ago, was countered fast and effectively and based on our analysis did not lead to any data breach.”

None of…

Source…

Play Ransomware Lists A10 Networks on its Leak Site

/in


Fraud Management & Cybercrime
,
Ransomware

Group Says It Has Confidential Data, Tech Docs; A10 Says Operations Not Impacted

Prajeet Nair (@prajeetspeaks) •
February 11, 2023    

Play Ransomware Lists A10 Networks on its Leak Site

The Play ransomware group listed networking firm A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

BetterCyber notes that the leak site claims the group has “private and personal confidential data, a lot of technical documentation, agreements, employee and client documents.”

The San Jose, Calif.-based networking hardware manufacturer earlier said it identified a cybersecurity incident on Jan. 23, in its corporate IT infrastructure and said the attack was not related to any of the products or solutions used by its customers.

“Upon detecting the incident, the company launched an investigation and engaged the services of cybersecurity experts and advisors, incident response professionals and external counsel to support the investigation,” the company said in a filing with the Securities and Exchange Commission.

A10 Networks specializes in the manufacturing of application delivery controllers and provides secure, scalable application solutions for on-premises, cloud and edge-cloud environments. Its offerings also include firewall and DDoS threat intelligence and mitigation services.

A10 Networks serves customers in 117 countries worldwide including Yahoo, Alibaba, Deutsche Telekom, Softbank, GE Healthcare, Twitter, LinkedIn, Samsung, Uber, Sony Pictures, Windows Azure, Xbox and others.

A spokesperson for A10 Networks was not immediately available to provide additional details. The company is yet to provide details on the…

Source…

SOTI lists key IT trends impacting ANZ markets in 2023

/in


SOTI, the mobile and IoT management solutions provider, predicts four key technology trends that will impact the Australian and New Zealand markets in 2023. Increased technology investment for improved customer experiences, cloud security and the growth of zero trust, device sustainability, and voice search technology is predicted to impact organisations in the year ahead directly.

“With significant economic headwinds anticipated in 2023 due to rising interest rates, organisations are going to be challenged specifically when it comes to growth. In such an environment, solutions that support business mobility, create organisational efficiencies and connections with customers will be central to operational success. Business leaders must be aware of key business mobile technology trends to maintain their competitive edge,” says Michael Dyson, Vice President of Sales, APAC at SOTI. 

Consumers engage and respond well to brands that market to them as individuals, such as through personalised recommendations via email or targeted online ads promoting goods that they have recently viewed. 

In 2023, businesses will likely capitalise on this trend and leverage the vast amounts of customer data available to them to create products and services uniquely tailored to individual consumer needs. It can be achieved by creating personalised touchpoints throughout the customer journey and extending to physical stores. 

By equipping retail associates with mobile devices (such as tablets or mobile computers), customer service personnel can quickly retrieve product information, stock availability and recommendations for loyal customers based on their previous purchases. In addition, it helps customers feel that the products and services are uniquely relevant to them.

“Rising consumer expectations and tighter household budgets present a perfect storm for businesses looking to grow their operations in 2023. As a result, organisations will find that they need to quickly to adopt new approaches, strategies and technology solutions that improve operational effectiveness and offer an outstanding customer experience,” adds Dyson.   

The concept of zero trust, where anything and anyone…

Source…