Andy Greenberg, Matt Burgess, and Lily Hay Newman of WIRED report: Made possible through partnership with ThreatLocker Ransomware gangs, email scammers, state-sponsored spies: hacking groups come in all shapes and sizes. There are some we write about quite a bit here at WIRED, who through some combination of audacity, incompetence, or geopolitical importance—or some combination…
Category: Commentaries and Analyses
The art of restraint: why not every system should be owned
Jesse William McGraw writes: Greetings, reader! I want to talk about my former life as a blackhat hacker because it never makes any sense. Many of my rampant hacking campaigns focused on breaking into big servers across several industries but not on seizing the networks by the throat and forcing them to their knees. I…
UnitedHealth is demanding some struggling doctors immediately repay loans issued after last year’s cyberattack
Ashley Capoot reports: Following the massive cyberattack on UnitedHealth Group’s Change Healthcare unit last year, the company launched a temporary funding assistance program to help medical practices with their short-term cash flow needs, offering no-interest loans with no added fees. A little over a year later, UnitedHealth is aggressively going after borrowers, demanding they “immediately repay” their outstanding balances,…
CISA, experts warn of Crush file transfer attacks after a controversial disclosure
Jonathan Greig reports on another vulnerability affecting file transfer software that has been exploited soon after disclosure. In this case, though, there’s some contentious statements about responsible disclosure or lack thereof. Federal cybersecurity officials as well as incident responders at cyber companies say hackers are exploiting a vulnerability within the popular file transfer tool Crush….
2024 Year in Review: Data Breach Litigation
Seen at Wilmer Hale: One of the main risks for a company in the event of a data breach is the threat of litigation. Data breach litigation continued to proliferate in 2024, as it has in prior years. In the past year, plaintiffs continued to seek relief following data breaches under state common-law doctrines, and…
Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders
KrakenLabs writes: This is the second part of Outpost24’s KrakenLabs investigation into EncryptHub, an up-and-coming cybercriminal who has been gaining popularity in recent months and is heavily expanding and evolving operations at the time of writing. We’ve already published one article explaining EncryptHub’s campaigns and TPPs, infrastructure, infection methods, and targets. This article will follow a different approach. We’ll…