February 27, 2024: SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware….
Category: Commentaries and Analyses
School cyber incidents on Long Island: Reported cases rose sharply in 2023
Craig Schneider reports: Long Island schools saw a big increase in the number of reported computer hacks and other cyber incidents in 2023 compared to the prior year, and human error continued to be a major cause of exposing sensitive student information such as special education disabilities and disciplinary problems, records show. Island schools suffered…
As expected, LockBit is back already
Only five days after an international law enforcement effort seized LockBit’s leak sites, 34 servers, and 14,400 rogue email accounts used to support infrastructure and extortion, LockBit3.0 has reappeared with a new Tor site that looks like the old one. There are half a dozen entries on it at this time. One of the listings…
NIST Publishes Final “Cybersecurity Resource Guide” on Implementing the HIPAA Security Rule
Jennifer Hennessy and Christopher Taylor of Foley & Lardner write: In an important development for HIPAA-regulated entities looking for practical assistance in understanding, implementing, and enhancing compliance with the HIPAA Security Rule, the National Institute of Standards and Technology (NIST) has finalized its comprehensive guidance, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A…
True or false, Friday law enforcement edition
From today’s update to the LockBit3.0 blog, now under the control of law enforcement, we read claims that law enforcement knows who and where LockBitSupp is, and that he drives a Mercedes and not a Lamborghini. Now that last bit may be enough to get a response from LockBitSupp if they’re just trolling him. But…
If you pay ransom, you may not get your data back and worse, you probably WILL get hit again – Cybereason Survey
Ever since ransomware attacks and “double extortion” attacks became common, law enforcement has urged victims not to pay ransom demands. Paying criminals ransom only encourages them to attack more victims, and despite criminals swearing they will delete their copy of your data that they stole, they don’t. Then, too, once you show them that you…