Rachel Monroe has an interesting profile of a ransom negotiator in The New Yorker. But the piece also provides an answer to a puzzling claim in a blog post by REvil that referred to fraudulent middlemen. When the negotiator hired by a victim entered the chat, they discovered that someone had already been negotiating with…
Author: Dissent
Ethical disclosures are being ignored: an unchecked security crisis
Ron Nahamias, Cyberpion co-founder and CBO, has a piece in Security Magazine that includes a topic near and dear to my heart — companies that do not provide a way to notify them of a security breach, leak, or vulnerability. He writes, in part: Sometimes the burying of the head in the sand, even if…
Secret Chats Show How Cybergang Became a Ransomware Powerhouse
There’s an interesting piece by Andrew E. Kramer, Michael Schwirtz and Anton Troianovski in the New York Times: Secret Chats Show How Cybergang Became a Ransomware Powerhouse. The reporters obtained access to the internal dashboard that DarkSide customers used to organize and carry out ransom attacks and their piece provides some insights as to how DarkSide “support” dealt with…
Au: BLK Sport reveals DarkSide attack
On May 26, BLK Sport disclosed that they had been attacked by DarkSide on April 21, 2021. Of note, the firm states that they have to assume that information may have been exfiltrated (because that’s how DarkSide normally operated), but they have been unable to actually determine the extent of any information theft. According to their…
MA: Sturdy Hospital pays ransom after patient information is stolen
Updated June 1: External counsel for the hospital notified the Maine Attorney General’s Office that this incident resulted in notifications to 42,336 people and that those affected were offered two years of Experian credit and identity monitoring services. Updated June 3: It seems that on May 28, they notified HHS that they notified 57,379, so…
It: Municipality of Porto Sant’Elpidio publicly quiet after ransomware attack and partial dump of files
This week, DataBreaches.net reported on a new dedicated leak site and threat actors who had hit Clover Park School District in Washington. The same threat actors, whose name is not even clear (are they PayOrGrief or Grief_List or…) have listed three other victims on their site who presumably did not pay their ransom demands. One…