Quinn Emanuel Urquhart & Sullivan, LLP write, in part: Companies face yet another major risk after a data breach—one which is increasing exponentially—data breach litigation brought by private plaintiffs, often in the form of class actions brought by sophisticated plaintiffs’ counsel who specialize in such cases. Private civil litigation is now a probability, not a…
Category: Commentaries and Analyses
Nice Try Tonto Team: How a nation-state APT attempted to attack Group-IB
Group-IB writes: In 2023, IT and cybersecurity companies remain one of the most attractive targets for cybercriminals, according to the latest threat report “Hi-Tech Crime Trends 2022/2023”. The compromise of a vendor’s infrastructure opens up ample opportunities to penetrate the network further and gain access to a huge pool of data about the victim’s customers…
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…
GAO Report: Cybersecurity High-Risk Series: Challenges in Protecting Privacy and Sensitive Data
GAO-23-106443 Published: Feb 14, 2023. Fast Facts: Federal systems are vulnerable to cyberattacks. Our High Risk report identified 10 critical actions for addressing federal cybersecurity challenges. In this report, the last in a series of four, we cover the 2 actions related to Protecting Privacy and Sensitive Data: Improve federal efforts to protect privacy and sensitive data, such…
Cloudflare thwarts largest reported HTTP DDoS attack
Waqas reports: Cloudflare stated that it had managed to mitigate multiple “hyper-volumetric” DDoS attacks that originated from more than 30,000 IP addresses. According to a recent blog post by Cloudflare, a vendor specializing in DDoS attack mitigation, its customers were targeted by a series of volumetric DDoS (Distributed Denial of Service) attacks over the past weekend. These…
New Picus Red Report warns of “Swiss Army knife” malware
The versatility of the latest malware is demonstrated by the fact that a third of the total sample analyzed by Picus Labs is capable of exhibiting more than 20 individual Tactics, Techniques, and Procedures (TTPs). San Francisco, US, 14th February 2023– Picus Security, the pioneer of Breach and Attack Simulation (BAS), has released The Red Report 2023, an in-depth analysis…