Connect with us

Ransomware demanded “colossal ransom” from British VoIP operators

Published

on

Cybercriminal group REvil carried out two DDoS attacks.

The computer systems of two UK VoIP operators have gone down due to ongoing DDoS attacks. Voip Unlimited reported that the ransomware demanded a “colossal ransom”. According to company representatives, the attack was carried out by the cybercriminal group REvil.

As a result of the attack, some VoIP Unlimited networks experienced “Intermittent or complete loss of Internet connection services,” although customers using its Voip Unlimited Ethernet and broadband services are believed to be largely unaffected.

Voip Unlimited was able to restore its systems to work, but London-based Voipfone is still is experiencing interruptions in the transmission of voice, incoming and outgoing calls and SMS services. In addition, the company was subjected to another DDoS attack during the Bank Weekend shortly after the first attack.

It is not yet known if other UK Internet telephony service providers have been affected. However, industry body UK Comms Council informed industry group members of the attacks and issued a reminder to adopt “appropriate DDoS mitigation strategies”.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

HackerOne Expands Open Source Vulnerability Scanning Program

Published

on

Open source projects eligible for the HackerOne reward program include Ruby, Ruby on Rails, RubyGems, Curl, Electron, Django, Nginx, and OpenSSL.

HackerOne Community announced on expanding the program for searching for vulnerabilities in open source projects. The initiative is part of the ongoing Internet Bug Bounty program.

Open source projects eligible for the HackerOne reward program include Ruby, Ruby on Rails, RubyGems, Curl, Electron, Django, Nginx, and OpenSSL. For vulnerabilities found in these projects, HackerOne will pay from $ 300 to $ 5000, depending on the severity of the bug. Payment will be made as follows. Four-fifths of the awards will immediately go to the researcher who discovers the problem. The fifth part of the award will be given to the developer who is engaged in the open source project in the direction that affects the new vulnerability. He will receive payment from HackerOne after he releases a patch against the vulnerability.

“Open source software is used in almost all modern digital infrastructure. Currently, an average, solid, not very rich application uses 528 different open source components. Critical vulnerabilities discovered in 2020 existed by the time of discovery for an average of about two years , and the application development companies did not have access and the ability to eliminate the identified deficiencies of the components used, “the company said in a press release.

Along with HackerOne, participating partners are organizations that rely on open source for software supply chains and other critical digital infrastructure – Elastic, Facebook, Figma, GitHub, Shopify, and TikTok.

Continue Reading

Security

Vice Society ransomware attacked a network of medical facilities in California

Published

on

The ransomware said that they do not care who to attack, and they will not make exceptions for hospitals.

United Health Centers, a California-based network of medical facilities, was subjected to a ransomware cyberattack that disrupted all of its centers and leaked patient data.

United Health Centers has 21 public health centers in California counties such as Fresno, Kings and Tulare.

On August 31 of this year, BleepingComputer learned from an informed source from the information security community that United Health Centers’ medical facilities suffered from an attack by the Vice Society cyber ransomware group, as a result of which they had to turn off their entire network and IT systems and start restoring files from backup copies. However, representatives of United Health Centers did not comment on this information in any way.

This week, the Vice Society released files allegedly stolen in the August attack on United Health Centers. They contain sensitive information, including about beneficiary patients, financial records, test results and examinations. However, the organization remains silent.

The Vice Society is a relatively new cyber ransomware group that began operations in June this year. 20% of the companies published on its leak sites are related to the healthcare industry.

When asked by BleepingComputer why the group allows them to attack hospitals, the Vice Society responded as follows:

“Why not?

They always keep our confidential data clear. You, me and everyone else go to hospitals, give them our passports, talk about health problems, etc., and they don’t even try to protect our data. They receive millions from the state. Are they stealing this money?

The US President has given large sums of money to protect government networks, and where is this protection? Where is our defense?

If the IT department doesn’t want to do their job, we’ll do ours, and we don’t care if it’s a hospital or a university. “

Continue Reading

Security

The data of those wishing to take out a loan from Sovcombank got into the public domain

Published

on

The announcement of the sale of the Sovcombank customer database appeared on the darknet on September 20.

The questionnaires contain the full name, phone number, passport data, type of loan, address, marital status, contacts of relatives, place of work, position and income. The database also includes the responses of citizens to a call from a bank specialist. The bank said that in 2020 they identified an employee of an external call center who illegally copied loan applications. He was found guilty of divulging bank secrets and was sentenced to two years probation. During the investigation, the ex-employee of Sovcombank published an advertisement for the sale of data in his telegram channel, according to the organization. After that, Sovcombank again turned to the police: the department of the Ministry of Internal Affairs in Dagestan opened a criminal case on disclosing bank secrets and illegal access to protected computer information, and then transferred it to the regional department of the FSB. The case has now been sent to court. Now the stolen base is publicly available. …

Continue Reading

Most Popular