Azusa Police Department Ransomware Hack Broader Than 1st Suspected – NBC Los Angeles


The Azusa Police Department is continuing Tuesday to assess the scope of a March ransomware attack that led to the release of information ranging from payroll files to investigative reports referencing confidential informants.

The department announced in a statement released last Thursday that it discovered March 9 that some of its computer systems were inaccessible. An investigation with other law enforcement partners and tech experts found that the department had been locked out as the result of a “sophisticated ransomware attack,” and officials refused to pay any ransom, according to the department.

On April 27, investigators determined that the hackers had stolen information, and by May 20 they had determined that the data may have included Social Security, driver’s license and passport numbers, as well as financial and medical information, according to the police department.

However, the Los Angeles Times reported Monday that the breach was much broader, based on the newspaper’s review of documents posted on a dark web site by the ransomware gang DoppelPaymer.

The Times said the records released online included payroll files, a spreadsheet of gang member contacts, crime scene and booking photos, and investigative reports citing confidential informants.

The index page detailing the police data has been visited more than 11,000 times since April, according to the newspaper.

Azusa police Capt. Christopher Grant told City News Service that investigators — including from the Los Angeles County Sheriff’s Department and FBI — are still working to determine the full scope of the data in the hands of hackers.

Grant said he was limited in what he could say as law enforcement agencies work to bring someone to justice in the case.

“There’s a lot I… can’t discuss,” Grant said.

He said that the attack hadn’t affected the department’s ability to keep Azusa safe.

“Our operations haven’t been hindered at all by this,” Grant said.

The U.S. Treasury Department has warned that hackers often target small-to-medium-sized businesses and local government agencies because they typically have fewer security protections in place.

Cybercriminals typically encrypt data, making…

Cybersecurity agency warns suspected Russian hacking campaign broader than previously believed


An alarming new alert issued by the Department of Homeland Security’s cyber arm Thursday revealed that Russian hackers suspected of a massive, ongoing intrusion campaign into government agencies, private companies and critical infrastructure entities used a variety of unidentified tactics and not just a single compromised software program.



Specifically, the Cybersecurity and Infrastructure Security Agency said it has determined that the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised a variety of online networks — warning that in some cases, victims appeared to have been breached despite never using the problematic software.

The news will likely only compound already escalating concerns about the scale and scope of the data breach, which CISA said Thursday “poses a grave risk” to networks across both the public and private sector.

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the alert issued by the agency said. “CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

The agency also acknowledged Thursday that the hackers used “tactics, techniques and procedures that have not yet been discovered,” adding that it is continuing to investigate whether, and how, other intrusion methods may have been used since the campaign began months ago.

The analysis comes as the list of US agencies, private companies and other entities affected by the hacking campaign continues to increase.

Hours after the CISA alert was released, the US Energy Department said it had evidence that hackers accessed some of its networks using the same malware associated with the ongoing data breach already impacting almost half a dozen federal agencies.

The department maintains that the impact has been “isolated to business networks” and “has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration…

Pompeo links Mar-a-Lago security breach to broader China ‘threat’ – WTVD-TV

  1. Pompeo links Mar-a-Lago security breach to broader China ‘threat’  WTVD-TV
  2. Mar-a-Lago’s bizarre breach: a mystery woman, malware and Trump’s ‘circus’  The Guardian
  3. Chinese Woman Found with Malware in Trump Resort Shows Beijing Poses Threat: Mike Pompeo  News18
  4. Pompeo says Trump resort arrest shows China’s threat  CNA
  5. Woman’s arrest at Trump resort shows China’s threat: Pompeo  The Straits Times