Harvard is investigating a data breach after a Russian-speaking cybercrime organization claimed it was preparing to release information stolen through a vulnerability in a software suite used by the University. Clop, an organization that extorts payments from companies to prevent the release of stolen data, announced the breach on its leak site Saturday.
The alleged breach of Harvard’s systems is part of a larger attack exploiting a vulnerability in the Oracle E-Business system. Clop has not yet publicized the names of other exploited companies.
Read more…
Source: Harvard Crimson News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server
March 15, 2023
Today, the CISA, Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server. This joint CSA provides IT infrastructure defenders with tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and methods to detect and protect ...
- Hands up who DIDN’T exploit this years-old flaw to ransack a US govt web server…
March 15, 2023
Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency’s Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution. The snafu happened between November 2022 and early January, according to a joint alert from the FBI, CISA, and America’s Multi-State Information ...
- What happens if you ‘cover up’ a ransomware infection? For Blackbaud, a $3m charge
March 10, 2023
Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger’s customers. According to America’s financial watchdog, the SEC, Blackbaud will cough up the cash – without admitting or denying ...
- Significant hack potentially exposes US lawmakers’ personal data
March 9, 2023
A serious breach at a healthcare administrator serving the U.S. House of Representatives has potentially exposed the personal data of hundreds of lawmakers and their staff, top representatives and a senior Congressional official said in letters circulated on Wednesday. One of the letters, which the House’s Chief Administrative Officer Catherine Szpindor (CAO) sent to members of ...
- TSA issues new cybersecurity requirements for airport and aircraft operators
March 7, 2023
Today, the Transportation Security Administration (TSA) issued a new cybersecurity amendment on an emergency basis to the security programs of certain TSA-regulated airport and aircraft operators, following similar measures announced in October 2022 for passenger and freight railroad carriers. This is part of the Department of Homeland Security’s efforts to increase the cybersecurity resilience of U.S. critical infrastructure and ...
- Germany and Ukraine hit two high-value targets
March 6, 2023
With the help of the FBI, German and Ukrainian police last week searched the properties of two suspected “core members” of a global cybercrime gang that has cost US victims tens of millions of dollars, European officials said Monday. German police officers raided a German citizen’s house, while Ukrainian police searched properties in the capital Kyiv ...