Commentaries and Analyses – Page 112

Unwelcome guest: Trigona ransomware group claims they’ve taken up residence in Unique Imaging’s network

Posted on May 4, 2023 by Dissent

Unique Imaging, Inc. has three locations in Florida: Aventura, Biscayne, Miami, and Dadeland. If you were to visit their website today, you wouldn’t see any sign of anything amiss, but appearances can be deceiving. A ransomware group claims that they have been living in Unique Imaging’s network for months and helping themselves to patient data…

Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)

Posted on May 3, 2023 by Dissent

Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…

Ransomware cyberattack continues at Bluefield University

Posted on May 2, 2023 by Dissent

Updated May 3: Avos Locker subsequently added the university to its leak site with a message: “1.2 TB data from a college with cyber insurance policy that doesn’t care about protecting students. Management is a circus attempting to identify breach (good luck) and lying to students and media about the severity. We’ll continue attacking for…

The Untold Story of the Boldest Supply-Chain Hack Ever

Posted on May 2, 2023 by Dissent

Kim Zetter has a fascinating piece on the run-up to the SolarWinds attack. Here’s a snippet: In fact, the Justice Department and Volexity had stumbled onto one of the most sophisticated cyberespionage campaigns of the decade. The perpetrators had indeed hacked SolarWinds’ software. Using techniques that investigators had never seen before, the hackers gained access…

HC3: Sector Alert Report: New Data Breaches from Cl0p and Lockbit Ransomware Groups

Posted on May 1, 2023 by Dissent

April 28, 2023 New Data Breaches from Cl0p and Lockbit Ransomware Groups Executive Summary Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…

BakerHostetler’s 9th annual Data Security Incident Response Report

Posted on April 29, 2023 by Dissent

BakerHostetler’s annual report is out, and as always, it is a great read because it provides statistics and analysis of the more than 1,100 data breach incidents the law firm handled in 2022. Ted Kobus provides a bit of the history of the firm’s Digital Assets and Management Group. Here’s just one graphic from the…