Breaches and leaks

  • Definitely the low point in infosec news this week: because of a ransomware infection in a hospital, a critical patient needed to be diverted elsewhere, and they died because they didn't receive help in time. A strong reminder that for some in our line of work it's not about saving data, but about saving lives: link.
  • The Department of VA had an online app breached. The attackers diverted healthcare payments of 46,000 veterans. Personal data may also have been stolen: link.
  • Ransomware infections were reported at IPG Photonics, a laser manufacturer: link, and a Californian school district: link.
  • Mailfire, a marketing company, had an unsecured Elasticsearch instance with 320 million records related to dating sites: link.
  • Staples had a bug in their order tracking system that meant you could get detailed customer data on every order: link.
  • Close to 2000 Magento webshops were infected with card skimmers in a single weekend: link.

US charges foreign hackers

Quite a few charges have been brought lately, and they often make for an interesting read:

  • US brings charges against a number of Iranian nationals for hacking aerospace and satellite companies. One charged individual is said to lead a double life between white-hat researcher and OWASP member on one side, and black-hat working for Iranian intelligence on the other: link.
  • US brings charges against several Chinese nationals as part of the APT41 state-sponsored hacking group. They seem to be responsible for the CCleaner and ShadowPad hacks, and worked through a legitimate-looking cybersecurity firm as a front: link.
