Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed. In a post to Medium, a security researcher named Lynx states that in January 2020 he was able to gain full access to the Slickwraps web site using a path traversal vulnerability in an upload script used for case customizations. Screenshot of Slickwraps payment gateway After trying to report these breaches to Slickwraps, Lynx stated they were blocked multiple times even w ..read more

The attack sparked concerns about the security of patient health information stored on NRC Health's servers.The company could not confirm whether any patient information or confidential information was accessed by the hackers. Companies must, by law, report a breach of protected health information to government health regulators.NRC Health says it sells software to 9,000 healthcare organizations, including Cedars Sinai, Ochsner, Jefferson Health and Providence Health. There have been 172 attacks on individual healthcare organizations since 2016, costing the sector overall $160 million, accord ..read more

The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. These RATs are capable of exfiltrate information, take screenshot and record webcam streams. This threat actor has vanished for a ..read more

The South Adams Schools district is dealing with a ransomware cyber-attack that took place overnight. Administrators informed staff Thursday morning according to a press release posted on the district website. All the district’s systems were shut down and normal operations won’t resume until further notice according to the release. Part of their heating system and security cameras were down for a short time Thursday morning while they worked to override the virus. “We are working with our Cybersecurity firm to work through this unfortunate situation and to create a plan to deal with issues thi ..read more

spyware app designed to “monitor everything” on a victim’s phone has been secretly installed on thousands of phones. The app, KidsGuard, claims it can “access all the information” on a target device, including its real-time location, text messages, browser history, access to its photos, videos and app activities, and recordings of phone calls. But a misconfigured server meant the app was also spilling out the secretly uploaded contents of victims’ devices to the internet. TechCrunch obtained a copy of the Android app from Till Kottmann, a developer who reverse-engineers apps to understand how ..read more

Cameo, the increasingly popular app for paying celebrities to record short personal videos, exposed a wealth of user data including email addresses, hashed and salted passwords and phone numbers, and messages via a misconfiguration in its app. To test the issue, Motherboard wrote scripts to compile lists of videos that Cameo users had provided reviews for, including those that users had set as "private." According to a video that the researcher provided which appears to show how Cameo trains celebrities to use the service, celebrities are told to send their completed Cameos to a bot on the mes ..read more

Multiple sources have told ZDNet the cyber-attack is a ransomware infection that infected and then encrypted some of the company's backend servers. A source familiar with the incident has told ZDNet this week that the ransomware incident has been caused by an infection with the CLOP ransomware strain. For example, hours before INA reported being infected, a Sophos malware analyst reported a new malware server going live and actively distributing a version of the CLOP ransomware. The use of the CLOP ransomware in the attack against INA also fits the bill when it comes to CLOP's regular modus op ..read more

A Defense Department agency reportedly suffered a data breach last year that may have compromised personal information, including Social Security numbers, of victims involved. Reuters reported Thursday that the Defense Information Systems Agency (DISA) sent out a letter last week to all individuals affected by the breach, which DISA wrote took place between May and July of 2019. DISA told victims in the letter, which was also tweeted out by one of the potential victims earlier this week, that “some of your personal information, including your Social Security number, may have been compromised ..read more

Hackers published the personal data of more than 10.6 million users who stayed at MGM Resorts hotels, on a hacking forum this week. The MGM data dump contains personal details for 10,683,188 former hotel guests. The leaked files included the personal details such as full names, home addresses, phone numbers, emails, and dates of birth. Around 1,300 former guests were notified that sensitive information including passport numbers was revealed. A further 52,000 customers were told that less sensitive personal information was exposed ..read more

A cyber-attack has hit the major facilities company ISS World, which has half a million employees worldwide. ISS provides cleaning, catering, security and other services to companies in the UK and elsewhere. Its websites have been down since 17 February. And This Week in Facilities Management said 43,000 staff at London's Canary Wharf and its Weybridge HQ, in Surrey, still had no email. Ransomware attacks encrypt IT systems, locking users out and demanding money. The company says that many of its 500,000 global employees do not use its computers in their daily work. But IT support across all t ..read more