On 17 February 2022, the second-round of trilogue negotiations commenced between the EU’s institutions on the so-called ‘NIS2’ Directive, which intends to reform the EU’s current cybersecurity rules. Dan Whitehead of Hogan Lovells writes: NIS2 is intended to update the existing Directive 2016/1148 (the Network and Information Security Directive (NIS1)) which took effect in May…
Category: Breach Incidents
Monongalia Health System hacked again? Second incident report in one year.
Monongalia Health System in West Virginia issued a press release this week about a data breach that impacted patients, employees, and contractors. It was the second incident reported by them in a one-year period. But was this incident unrelated to the first incident or related to it? It’s not yet clear, let’s back up to…
Aon hit by cyber attack
Luke Gallin reports: Global insurance and reinsurance broker Aon was hit by a cyber attack on February 25th, 2022, according to an 8-K filed with the Securities and Exchange Commission (SEC) in the U.S. In its filing, Aon states that it identified a cyber incident impacting a limited number of systems. Read more at Reinsurance…
ContiLeaks providing new insights and evidence against Conti
It almost felt like Christmas came early in a winter of despair. As noted yesterday, a Conti member who appears furious with Conti for its statement supporting Russia started dumping internal records from Conti with a statement ending, “Glory to Ukraine!” The leak was first reported on Twitter by VX-Underground: Conti ransomware group previously put…
Why won’t law enforcement answer questions about RaidForums? Or have they just winked?
“Oh for f*** sake,” a February 25th message on Signal to me began. RaidForums had been seized, I was told. But had it been? [Note: this article does not link to RaidForums’ site as it is may still be a phishing page.] A WHOIS lookup on the domain today shows that the registration for RaidForums[.]com…
LAPSUS and the Terrible, Horrible, No Good, Very Bad Ransom Day1 (UPDATED)
First they thought their victim hacked them back. Then they appeared to be trolled by a “negotiator” who wasn’t. I don’t know if the Brazilian threat actors who call themselves LAPSUS felt like moving to Australia after a bad day at the ransom office yesterday, but their attack on Nvidia and the aftermath seemed somewhat……