A Sunday two-fer on health data breaches: WellDyneRx, LLC (“WellDyne”) issued a press release on May 6 concerning an incident they first detected on December 2. The Florida-headquartered pharmacy benefits service provider’s investigation discovered that there was unauthorized access to an email account between October 30, 2021, and November 11, 2021. “Although there is no…
Author: Dissent
Cybercrime loves company: Conti cooperated with other ransomware gangs
Seems to be a lot of Conti-related analyses this week, as well as the $10 million reward offered by the government for information leadings to Conti’s leaders. From Intel471: Software developers often depend on the collective knowledge of the industry to build their products. Whether it’s through reverse engineering, poaching talent, or straight up cloning…
False-flag cyberattacks a red line for nation-states, says Mandiant boss
Jessica Lyons Hardcastle reports: False-flag cyberattacks represent a red line that even nation states like Russia and China don’t want to cross, according to Mandiant CEO Kevin Mandia. “It’s one of the last rules of the playground that a modern nation may not want to break because they don’t want everyone doing false flags,” he…
OpenSea Discord server hacked, increasing the risk of phishing scams
Ali Raza reports: OpenSea, a non-fungible token marketplace, has become the victim of a hack on its main Discord channel. The breach has allowed the threat actors to post fake announcements about partnerships between OpenSea and other projects. OpenSea shared a screenshot on May 6 showing the fake news about partnerships. The screenshot also contained a link…
Conti and Hive ransomware operations: Leveraging victim chats for insights
Kendall McKay and colleagues Paul Eubanks and Jaime Filson of Talos issued a report this week with some interesting insights. EXECUTIVE SUMMARY Through open-source research, we obtained and analyzed over four months of chat logs — more than 40 separate conversations — between Conti and Hive ransomware operators and their victims. The findings in this…
IKEA Canada confirms data breach involving personal information of approximately 95,000 customers
Chris Fox reports on an insider-wrongdoing breach that sounds like it was detected and stopped fairly quickly, but not before more than 90,000 customers could have had their data accessed. IKEA says that it has notified Canada’s privacy watchdog following a data breach involving the personal information of approximately 95,000 customers. In a statement provided…