AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 8/19/2024

ISP to Supreme Court: We shouldn’t have to disconnect users accused of piracy

A large Internet service provider wants the Supreme Court to rule that ISPs shouldn’t have to disconnect broadband users who have been accused of piracy. Cable firm Cox Communications, which is trying to overturn a ruling in a copyright infringement lawsuit brought by Sony, petitioned the Supreme Court to take up the case yesterday. Cox said in a press release that a recent appeals court ruling “would force ISPs to terminate Internet service to households or businesses based on unproven allegations of infringing activity, and put them in a position of having to police their networks—contrary to customer expectations… Terminating Internet service would not just impact the individual accused of unlawfully downloading content, it would kick an entire household off the Internet.”

 

Ransomware Gangs Introduce New EDR-Killing Tool

Sophos researchers have uncovered a new tool, EDRKillShifter, that malicious actors are using to target endpoint detection and response (EDR) systems. The discovery came after an unsuccessful ransomware attack in May. The threat actors deployed the tool to disable endpoint protection software and execute the notorious RansomHub ransomware. The attack failed when Sophos’ protection systems detected and blocked the ransomware. According to Sophos, this tool is a significant evolution in malware that targets EDR systems as more businesses are investing in these technologies to protect themselves from cyber threats.

 

100,000 Impacted by Jewish Home Lifecare Data Breach

Jewish Home Lifecare, which is now called The New Jewish Home and which specializes in providing healthcare services to the elderly, informed customers in February that it had discovered unusual activity on its network on January 7. It said at the time that hackers may have gained access to information related to patients and other members of the community, including their name, address, date of birth, Social Security number, financial account information, payment card information, passport number, and medical record and medical treatment details. Jewish Home Lifecare told the Maine Attorney General’s Office on Friday that the incident impacts just over 104,000 individuals.

Massive Cyber Attack On AWS Targets 230 Million Unique Cloud Environments

Unit 42 researchers detected a complex, large-scale campaign that manipulated and extorted several organizations using cloud systems. Security analysts discovered that this cyber attack on AWS targets over 230 million unique cloud environments. The attackers exploited exposed environment variable (.env) files on cloud infrastructure. These .env files, often overlooked in security measures, contained confidential data such as access codes to different programs and services. This allowed the attackers to gain unauthorized entry into the victims’ systems, from which they infiltrated further into the networks.

City of Flint Scrambling to Restore Services Following Ransomware Attack

The attack impacted the city’s payment and communication services, but did not affect emergency services, including 911, dispatch, law enforcement, and fire operations, Flint said in an incident notice on its website, which is hosted on a separate server and was not affected. BS&A, the city’s billing system, was disrupted, preventing online or credit card transactions for water, sewer, and tax payments. However, Flint said that no late fees or penalties would be assessed, and that no water shutoffs would happen during the outage.
