News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

LockBit is back: cyber attack on KJF with 17 clinics and schools 

The KJF – the headquarters of the Catholic Youth Welfare Department of the Diocese of Augsburg e. V. suffered an extensive cyber attack. The hackers around LockBit list the attack on their leak page on the dark web. The hackers accessed 17 associated clinics, facilities and schools via the KJF systems. According to KJF, data on personnel, finances, patients and health data were leaked. The headquarters of the Catholic Youth Welfare Department of the Diocese of Augsburg e. V. (KJF Augsburg) was the target of a cyber attack on April 17.04.2024, XNUMX. According to the Darknet, the LockBit group claims the crime for itself and lists the KJF on its leak page...

Read more

Browser attack: Acceleration through graphics card as a point of attack
Browser attack: Acceleration through graphics card as a point of attack MS - AI

Browser attack: Using a website with malicious JavaScript, researchers from the Institute for Applied Information Processing and Communication Technology at Graz University of Technology were able to spy on information about data, keyboard entries and encryption keys on third-party computers in three different attacks via WebGPU. Modern websites place ever greater demands on the computing power of computers. Therefore, in addition to the CPU of a computer, web browsers have also been given access to the computing capacity of the graphics card (Graphics Processing Unit or GPU) for several years. The JavaScript scripting language can use the resources of the GPU via programming interfaces such as WebGL and the new WebGPU standard. However, this carries risks. Researchers carry out browser attack on Crome, Edge & Co. WebGPU is currently…

Read more

Another cyber attack on the hospital
B2B Cyber ​​Security ShortNews

Hackers have paralyzed the IT system and telecommunications at the Lindenbrunn Hospital in Coppenbrügge (Hameln-Pyrmont district). The unknown perpetrators demanded money to make the systems available again. However, the hospital did not respond to this. How the perpetrators were able to break into the IT systems is being investigated. The hospital reports that patient care is not at risk. However, improvisation is necessary: ​​instead of digital patient files, written files are being created again. “There is currently no indication as to whether patient or resident data is affected,” it says on the hospital’s website. "As part of a…

Read more

Clinic deregistered from emergency care after cyber attack
B2B Cyber ​​Security ShortNews

After a cyber attack, the Dreifaltigkeits Hospital in Lippstadt and two other hospitals are temporarily unable to accept emergencies. After the attack, no one anymore had access to the patient data. “As in other cases, our employees and other experts who are very experienced in these matters are trying to restore the IT systems as quickly as possible,” it says on the hospital’s website. “This necessary process is carried out completely normally and carefully, but requires the time necessary in other cases of cyber attacks. For such cases, there are extensive outage concepts to ensure patient care...

Read more

Akira responsible for attack on South Westphalia IT and municipalities
B2B Cyber ​​Security ShortNews

Now it is definitely clear: The Akira group and its ransomware attacked South Westphalia IT in October, paralyzing 70 to 100 municipalities. The service provider is now working through the attack and reveals that it all started with a VPN attack. The attack on Südwestfalen IT – SIT started on October 30, 2023 and has kept those responsible on their toes to date. According to SIT, they are still working through the action plan and want to be back to normal operations by the end of Q1 2024. Some municipalities are already reporting that they are working almost back to normal...

Read more

Russian APT group attacked Microsoft 
B2B Cyber ​​Security ShortNews

According to its own information, Microsoft was attacked by Midnight Blizzard on January 12, 2024. The Russian-sponsored actors apparently had access to email accounts of high-ranking employees. However, the attackers are said to have had no access to the customer environments. On January 12, 2024, the Microsoft security team said it recognized an attack by a nation state on its corporate systems. A response process was then activated to disrupt the malicious activity, mitigate the attack, and deny further access to the threat actor. Microsoft has identified the threat actor as Midnight Blizzard, also known as Nobelium,…

Read more

Many German chambers of crafts remain offline
B2B Cyber ​​Security ShortNews

The IT service provider ODAV was the victim of a cyber attack at the beginning of January. Since the service provider provides many services for the German Chamber of Crafts and also hosts the homepages, the pages have been lying idle for weeks. It is still not clear who attacked the service provider of the German Chambers of Crafts ODAV (first report here on January 11, 2024), but the effects are still obvious. Many websites of the nationwide chambers of crafts are still not accessible or are now operating with hastily set up emergency pages. Although these offer important information, they are far from the old services...

Read more

Banking supervision starts cyber stress test for financial institutions
B2B Cyber ​​Security ShortNews

The European Central Bank (ECB) will launch its first cyber stress test for banks in the euro area in January. The aim is to test the resilience of banks against serious cyber attacks. The test simulates a scenario in which a cyberattack disrupts a bank's business operations. Among other things, the ECB wants to find out how well banks can react to such attacks, recover from them and resume normal business operations. Cyber ​​stress test for over 100 banks Almost all banks directly supervised by the ECB are taking part in the test, currently 109. Of them…

Read more

Large gaps in Detection & Response in the OT area
Large gaps in Detection & Response in the OT area - image by Pete Linforth from Pixabay

A new report reveals that enterprise security operation centers (SOCs) are looking to extend detection and response into the OT space. However, a lack of employee visibility and knowledge poses significant barriers, according to a study by Trend Micro. According to the study by the Japanese cybersecurity provider, half of the companies now have an SOC that shows a certain degree of ICS/OT (Industrial Control Systems / Operational Technology) transparency. But even among the companies surveyed that have a more comprehensive SOC, only about half (53…

Read more

MOVEit leak: CLOP group leaks another 30 company names
B2B Cyber ​​Security ShortNews

It's like a bottomless pit: in just one week, the CLOP group has leaked another 30 company names that are said to be victims of the attack on the MOVEit vulnerability. Now there are well over 80 victims, some of whom are prominent. Much of the data is already completely online. The currently published list has now grown to 82 names. Most company names are international and not based in Germany. The group of users of the MOVEit software solution for data exchange, which was vulnerable weeks ago, is smaller in Germany than initially assumed. Nevertheless, experts speak behind closed doors of good...

Read more