Jessica Lyons Hardcastle reports: An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint. Over the past two years,…
Category: Commentaries and Analyses
T-Mobile Data Breach Win Paves Path for Cyber Insurance Disputes
Daphne Zhang reports: T-Mobile US Inc.’s recent cyber insurance victory in Washington state court helps clear the way for organizations to use third-party data breach settlement payments to satisfy skyrocketing cyber insurance deductibles. The Nov. 28 Washington appeals court ruling held that the telecom giant satisfied a $10 million deductible under a cyber policy with a Zurich…
HC3: Analyst Note: LockBit 3.0 Ransomware
Report: 202212121700 LockBit 3.0 Ransomware December 12, 2022 Executive Summary LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion…
KS: Legislative Post Audit report identifies IT concerns at state agencies, school districts
Phil Anderson reports: A report from the Kansas Legislative Division of Post Audit that was released this week identified a number of information technology security concerns found over a three-year period at state agencies and school districts. The report was made public during a session on Monday at the Statehouse. According to the report, the…
A second group of threat actors has now leaked Kenosha USD data
Oh what a tangled web we weave…. Back in October, DataBreaches reported that Snatch Team had listed Kenosha Unified School District in Wisconsin on its dedicated leak site. By the end of the day, however, the listing had been removed without any data having been leaked. Then in November, REvil listed KUSD on their leak…
Most of the 10 largest healthcare data breaches in 2022 are tied to vendors
Jessica Davis reports: Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, much like in 2021. The fallout for many of these cyberattacks resulted in impacts for multiple connected providers, with two of these vendor incidents affecting hundreds of providers. These incidents should serve as a warning to…