Rodney Holmes reports: Over the weekend, an infamous hacker known as Jason Brubeck succeeded in stealing around 850 ETH ($1+ million) worth of the Bored Ape collection, leaving his victim completely devastated. The news was first broken by @Snake, who were able to detect and identify suspicious activity through phishing tactics with impressive accuracy.
Category: Commentaries and Analyses
LockBit 3.0: usurpers multiply and go upmarket
Valéry Rieß-Marchive reports (machine translation): A new impersonator of the LockBit 3.0 ransomware franchise has just been spotted. Like the one who attacked the André-Mignot hospital in Chesnay-Rocquencourt at the beginning of December, he does not offer a Web interface accessible via Tor to discuss with his victims and, if necessary, negotiate the requested ransom: the…
Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs
Jessica Lyons Hardcastle reports: An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint. Over the past two years,…
T-Mobile Data Breach Win Paves Path for Cyber Insurance Disputes
Daphne Zhang reports: T-Mobile US Inc.’s recent cyber insurance victory in Washington state court helps clear the way for organizations to use third-party data breach settlement payments to satisfy skyrocketing cyber insurance deductibles. The Nov. 28 Washington appeals court ruling held that the telecom giant satisfied a $10 million deductible under a cyber policy with a Zurich…
HC3: Analyst Note: LockBit 3.0 Ransomware
Report: 202212121700, LockBit 3.0 Ransomware, December 12, 2022. Executive Summary: LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion…
KS: Legislative Post Audit report identifies IT concerns at state agencies, school districts
Phil Anderson reports: A report from the Kansas Legislative Division of Post Audit that was released this week identified a number of information technology security concerns found over a three-year period at state agencies and school districts. The report was made public during a session on Monday at the Statehouse. According to the report, the…