Harvard is investigating a data breach after a Russian-speaking cybercrime organization claimed it was preparing to release information stolen through a vulnerability in a software suite used by the University. Clop, an organization that extorts payments from companies to prevent the release of stolen data, announced the breach on its leak site Saturday.
The alleged breach of Harvard’s systems is part of a larger attack exploiting a vulnerability in the Oracle E-Business system. Clop has not yet publicized the names of other exploited companies.
Read more…
Source: Harvard Crimson News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Virginia National Guard confirms cyberattack hit Virginia Defense Force email accounts
September 9, 2021
Email accounts connected to the Virginia Defense Force and the Virginia Department of Military Affairs were impacted by a cyberattack in July, according to a spokesperson from the Virginia National Guard. A. A. Puryear, chief of public affairs for the Virginia National Guard, told ZDNet that the organization was notified in July about a possible cyber ...
- Ransomware Awareness for Holidays and Weekends
August 31, 2021
CISA and the FBI have released an advisory warning of potential cyberattacks that may occur over the coming Labor Day weekend, noting that in recent years hackers have launched dozens of devastating attacks on long weekends. They urged organizations to take steps to secure their systems, reduce their exposure and potentially “engage in preemptive threat hunting ...
- Biden to host summit with tech moguls on combating cyberattacks
August 25, 2021
United States President Joe Biden is set to host leaders from the country’s largest technology and finance firms at the White House on Wednesday to discuss how to shore up their cybersecurity defences in the face of increasingly complex attacks. The meeting with top executives comes as Congress considers legislation regarding data-breach notification laws and cybersecurity ...
- FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020
August 23, 2021
The Federal Bureau of Investigation (FBI) has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations since at least November 2020 as a ransomware affiliate. The US federal law enforcement agency shared indicators of compromise, tactics, techniques, and procedures (TTP), and mitigation measures in a flash alert published ...
- Indiana: COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate
August 19, 2021
This week, the Indiana Department of Health issued a notice that the state’s COVID-19 contact-tracing system had been exposed via a cloud misconfiguration, revealing names, emails, gender, ethnicity, race and dates of birth of more than 750,000 people. The incident shows that COVID-19 data could be poised for abuse and misuse, according to experts, which is ...
- US Census Bureau hacked in January 2020 using Citrix exploit
August 18, 2021
US Census Bureau servers were breached on January 11, 2020, by hackers who exploited a Citrix ADC zero-day vulnerability as the US Office of Inspector General (OIG) disclosed in a recent report. “The purpose of these servers was to provide the Bureau with remote-access capabilities for its enterprise staff to access the production, development, and lab ...