Hackers breached DHS information-sharing network


A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter.

DHS investigators are probing the intrusion of the Homeland Security Information Network, said both people, who spoke on the condition of anonymity because the incident is sensitive. The hackers’ affiliation and whether any documentation was pilfered from the system are both unclear.

Read more…
Source:  Nextgov


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Massachusetts healthcare provider warns patients of data breach

    March 29, 2024

    A Massachusetts healthcare provider is warning patients of a recently discovered data breach that compromised some personal information. Brigham and Women’s Physician Organization, a Mass General Brigham Incorporated member, is notifying individuals of an incident it became aware of on Jan. 29, 2024, involving some patients’ personal information. Read more… Source: MSN News  

  • Illinois Tollway warns I-PASS customers of text message phishing scam

    March 26, 2024

    The Illinois Tollway is warning customers of an ongoing phishing scam that is targeting drivers by saying that they have outstanding tolls owed to the agency. According to a press release, the Tollway says that some customers have been receiving text messages from the “Illinois toll way,” detailing outstanding toll amounts that the customers owed. Those ...

  • YouTube ordered to reveal the identities of video viewers

    March 26, 2024

    Federal US authorities have asked Google for the names, addresses, telephone numbers, and user activity of accounts that watched certain YouTube videos, according to unsealed court documents Forbes has seen. Of those users that weren’t logged in when they watched those videos between January 1 and 8, 2023, the authorities asked for the IP addresses. The ...

  • Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

    March 26, 2024

    Since its discovery in 2022, the Agenda Ransomware group (also known as Qilin) has been active and in development. Agenda, which Trend Micro tracks as Water Galura, continues infecting victims globally with the US, Argentina, and Australia, and Thailand being among its top targets (based on the threat actor’s leak site data). Meanwhile the Agenda ransomware ...

  • Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect

    March 21, 2024

    During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, Mandiant researchers observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed ...

  • DHS and DG CONNECT Announce Initiative Comparing Cyber Incident Reporting to Better Align Transatlantic Approaches

    March 20, 2024

    WASHINGTON – Today, the US Department of Homeland Security (DHS) and European Commission’s Directorate General for Communications, Networks, Content, and Technology (DG CONNECT) announced an initiative to compare cyber incident reporting elements that will inform cyber incident reporting requirements by the US, and European Union (EU) under the NIS 2 Directive. This transatlantic collaboration between the ...