Gareth Corfield reports on what sounds like a legal Hail Mary play: A barristers’ chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data. 4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court…
Category: Malware
Digging into Decoder.re in Kaseya ransom notes– threat intel by Resecurity
Interesting #threatintel thread on Twitter this morning from Resecurity (Full disclosure: I worked with one of their team a number of years ago.). Their research findings do not seem to be up on their web site at this time, so hopefully you can access it on Twitter. The thread begins here. In light of the…
Malware campaign targets companies waiting for Kaseya security patch
Graham Cluley reports: While the world continues to wait for Kaseya to issue an update to patch VSA installations against a vulnerability exploited by the REvil ransomware gang, security firm Malwarebytes has spotted a malware campaign which is taking advantage of the vacuum. In a tweet, security researchers shared details of a malicious email that was sent…
The Waikato DHB breach: What do NZ regulations consider reasonable security?
DataBreaches.net reports on breaches from many countries, including New Zealand. On my companion site, PogoWasRight.org, I’ve posted approximately 200 news stories about privacy incidents there, their privacy laws, and decisions by their privacy commissioner. And on this site, I’ve posted almost 200 more articles about breaches impacting New Zealand. But when the Waikato District Health…
PracticeFirst notifies patients and employees after ransomware incident
Yesterday, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about an incident that occurred last year. From their release: What Happened? On December 30, 2020, We learned that an unauthorized actor who attempted to deploy…
Some Kaseya victims privately negotiating with REvil
While the headlines blare about REvil offering to decrypt all victims of the Kaseya attack if they are paid $70 million, some companies have apparently already taken to individual negotiations with the threat actors. Over on SuspectFile, Marco A. De Felice is careful not to name the victim, but describes one such set of negotiatons…