Sergiu Gatlan reports: RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate…
Author: Dissent
Tabb Inc. Security Gaffe Exposes 200,000 Background Check Files for More Than Six Months (2)
An unsecured backup blob exposed pre-employment background checks on approximately 200,000 people. Applicant files contained various amounts of personal and occupational information, including SSN, name, address, driver’s license, date of birth, education and employment history, and in some cases, criminal background checks. Files went back 15 years. The blob was unsecured for at least six…
Russian Citizen Sentenced to 40 Months for Selling Stolen Financial Information on the Criminal Internet Marketplace Slilpp
WASHINGTON – Georgy Kavzharadze, 27, of Moscow, Russia, was sentenced today to 40 months in prison for being a prolific vendor of stolen financial information, login credentials, and other personally identifying information (PII) on a criminal internet marketplace called Slilpp, announced U.S. Attorney Matthew M. Graves and FBI Special Agent in Charge David…
From the “I Wouldn’t Hold My Breath Department”
We understand why courts issue such injunctions and rulings, but still… PA News Agency reports: Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data. Pathology services provider Synnovis was targeted by…
Three State Attorneys General Secure $4.5 Million from Enzo Biotech for Failing to Protect Health Data of 2.4 Million Patients
NEW YORK – New York Attorney General Letitia James and the attorneys general of Connecticut and New Jersey today secured $4.5 million from Enzo Biochem, Inc. (Enzo) for failing to adequately safeguard the personal and private health information of its patients. Enzo is a biotechnology company that offers patients diagnostic testing at its laboratories in New York,…
U.S. Army Intelligence Analyst Pleads Guilty to Charges of Conspiracy to Obtain and Disclose National Defense Information, Export Control Violations and Bribery
Today’s reminder of the insider threat is yesterday’s press release from the Department of Justice: Korbein Schultz, a U.S. Army soldier and intelligence analyst, pleaded guilty today to all charges against him in the indictment returned by a federal grand jury in March 2024 charging him with conspiracy to obtain and disclose national defense information,…