Even though the media often mentions the risk of businesses folding due to a cyberattack, attempts to find examples of where a cyberattack really was the sole explanation/cause are often hard to find. Whether there were any other financial factors in the case reported here that contributed to the firm going into administration is unknown…
Category: Commentaries and Analyses
Negotiations with the Akira ransomware group: an ill-advised approach
@Chum1ng0 took a look at four victims of Akira and what happened in terms of negotiations or not. In translation: After a detailed analysis, we identified four chats from different companies that attempted to communicate with Akira after being attacked. Some of these companies were still listed as victims on the group’s website. Days after…
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Comprehensive Neurology, PC (Comprehensive), a small New York neurology practice, concerning a potential violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement resolves an OCR investigation of a ransomware…
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions!
Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals
Joseph J. Lazzarotti of JacksonLewis writes: In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to better prepare for and respond to data security incidents. The recommendation reflects a growing recognition across professional…