Monday's cyberattack against Britain's Labour Party was repeated yesterday. Again, it was an "unsophisticated" distributed denial-of-service incident, easily mitigated, Computing reports, by Cloudflare. Nothing special, apparently: just the normal skid background noise. Reuters says the Conservative Party sustained its own DDoS attack yesterday. While sources suggest this attack came from a different actor, this incident also looks unsophisticated and minor: a Tory spokeswoman when asked about it said she was unaware of the attack.
Pemex continues to work toward recovery from the ransomware attack it sustained over the weekend. The Mexican oil giant's administrative systems are believed to have been hit with DoppelPaymer ransomware. Reuters, which has been in email contact with people who may or may not be the attackers, says the extortionists complained that Pemex missed its chance at a "discount," and that the ransom is now $5 million in Bitcoin. Computing connects the attack to the Russian criminal gang also running Dridex and Bitpaymer. (CrowdStrike has called that group Indrik Spider.) Pemex says, Reuters reports, that operations are back to normal, and that production was unaffected.
Google's Project Nightingale, which would collect and analyze patient information from the Ascension healthcare system, has come under investigation by the US Department of Health and Human Services' Office for Civil Rights, the Wall Street Journal reports. At least two matters are of concern. Was patient approval obtained to share HIPAA-protected data, and are those data adequately secured?
You'd think BlueKeep scares would've motivated patching, but you'd think wrong, says SANS.