yaracroft @venom@nanao.cybtex.fr

Massive increase in cyberattacks on Airlines

https://simpleflying.com/data-breach-airlines-2021/

Massive increase in cyberattacks on higher education

https://www.bluevoyant.com/resources/cybersecurity-in-higher-education/

Apparent ransomware attack extorts Allergy Partners for $1.75M

https://eu.citizen-times.com/story/news/2021/03/04/allergy-partners-reports-ransomware-attack-demand-1-75-million/6902076002/

Saint Agnes Medical Center hit with data breach.

https://www.fresnobee.com/news/local/article249734643.html

Sandhills Medical Foundation patient info accessed in cyber attack.

https://www.theitem.com/stories/sandhills-medical-foundation-patient-info-accessed-in-cyber-attack,360412

Humana says an employee for a subcontractor used members' information for unauthorized training purposes for two months last year.

https://www.wsaw.com/2021/03/06/humana-notifying-65000-health-plan-members-information-was-exposed/

Humble & AlumniLocker

https://www.trendmicro.com/en_us/research/21/c/new-in-ransomware-alumnilocker-humble-feature-different-extortio.html

ATMMalScan is a commandline tool for Windows which helps to search for malware traces on an ATM during the DFIR process. Currently ATMMalScan does not support codepages that require Unicode.

https://github.com/fboldewin/ATMMalScan

Lord of the Ring(s) : Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical

https://arxiv.org/pdf/2103.03443.pdf

Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.

https://github.com/Malwation/sentello

U.S. Department of Health and Human Services Office for Civil Rights : Breach Portal - Cases Currently Under Investigation

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

REvil Ransomware Attacks MSP Standley Systems, Leaks SSN's

https://www.crn.com/news/security/revil-ransomware-attacks-msp-standley-systems-leaks-ssns

Terminated: Texas Medicaid subcontractor dumped after data breach in ransomware attack from Russia

https://www.dallasnews.com/news/politics/2021/03/05/terminated-texas-medicaid-subcontractor-dumped-after-data-breach-in-ransomware-attack-from-russia/

Report: Russian hackers exploit Lithuanian infrastructure.

https://www.stripes.com/news/europe/report-russian-hackers-exploit-lithuanian-infrastructure-1.664405

Internal reviewers found several of the Canadian Security Intelligence Service's preparatory steps for the execution of warrant powers needed strengthening.

https://globalnews.ca/news/7681133/csis-warrant-audit-problems/

kernsomware

https://www.cybersecurity360.it/nuove-minacce/ransomware/kernsomware-il-nuovo-ransomware-made-in-italy-e-pronto-a-colpire-tutti-i-dettagli/

(IOC) FluBot

https://github.com/prodaft/malware-ioc/tree/master/FluBot

(proxylogon) Microsoft Exchange pre-auth RCE pour les nulls

https://proxylogon.com