Unchained reports: Researchers at crypto exchange BitMEX on Friday said that they had uncovered several critical missteps that North Korean state-sponsored hacker group Lazarus had made during its campaigns. Those lapses included exposed IP addresses, an accessible Supabase database, and tracking algorithms. One finding was a rare slip-up in which a hacker likely revealed their real IP…
Author: Dissent
Akira doesn’t keep its promises to victims — SuspectFile
Over on SuspectFile, @amvinfe has been busy exposing Akira’s false promises to its victims. In two posts this week, he reports on what happened with one business in New Jersey and one in Germany that decided to pay Akira’s ransom demands. He was able to report on it all because Akira failed to secure its…
Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
The Insider reports: In September 2024, the FBI published an indictment against a group of hackers working for GRU Unit 29155, the same military unit that became famous for poisoning Skripal in Salisbury. It has long been known that the GRU has hacker units, The Insider was the first to prove this back in 2017, and then it was…
Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
The Privacy Guarantor has fined the Order of Psychologists of the Lombardy Region [Ordine degli psicologi della Lombardia] for 30 thousand euros for not having adopted adequate technical and organizational measures to guarantee data security. The Guarantor intervened following some complaints and the notification of data breach made by the Order, which declared to have…
Lower Merion School District says a data breach was caused by a computer glitch (1)
DataBreaches cannot read “Lower Merion School District” without recalling the “Webcamgate” scandal of 2010, when the district was discovered monitoring students remotely in their bedrooms on district-issued MacBooks. At the time, they initially denied any misuse of remote access that was part of a security feature. Now the district is back in local news in…
After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
Nelcia Charlemagne reports: Virgin Islands Lottery’s executive director, Raymond Williams, says the entity is now “90 percent back [to] functionality” after a cybersecurity incident that halted operations across the territory. The March ransomware attack compromised Lottery’s entire network. Mr. Raymond appeared before the Committee on Government Operations, Veterans Affairs, and Consumer Protection on Friday. He reminded Committee…