Category: Commentaries and Analyses

AirAsia’s parent company told to supply documents; government probes Daixin ransomware attack

Posted on by Dissent

John Bunyan reports: The Ministry of Communications and Digital has ordered Capital A, the parent of AirAsia, to submit supporting documents and data for the investigation into the breach of the airline’s networks that exposed the personal information of millions of passengers and staff. Communications and Digital Minister Fahmi Fadzil said the security breach affecting…

Read more

HC3: Analyst Note: Royal Ransomware

Posted on by Dissent

December 07, 2022 TLP:CLEAR Report: 202212071400 Executive Summary Royal is a human-operated ransomware that was first observed in 2022 and has increased in appearance. It has demanded ransoms up to millions of dollars. Since its appearance, HC3 is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. Due to the historical nature of…

Read more

New Ransom Payment Schemes Target Executives, Telemedicine

Posted on by Dissent

Brian Krebs has an interesting write-up about some of the goings-on involving ransomware groups targeting the healthcare sector. Krebs cites Alex Holden of Hold Security, a Milwaukee-based cybersecurity firm. Holden’s team reportedly gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “Cl0p” a.k.a. “TA505“), and a newer ransom group known as Venus.  Readers…

Read more

HoHoHo Holiday routines…

Posted on by Dissent

RedSense has issued a new paper that starts with a reminder: Holidays Routine 2022/23: Not Novel Naughty or nice, there’s a few things in cyber circuits that won’t change in this year’s Holiday Season. 1. Threat actors are financially motivated, driven by human needs, and the holidays are expensive 2. Threat actors stereotypically choose simple…

Read more