December 07, 2022. TLP:CLEAR. Report: 202212071400. Executive Summary: Royal is a human-operated ransomware that was first observed in 2022 and has increased in appearance. It has demanded ransoms up to millions of dollars. Since its appearance, HC3 is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. Due to the historical nature of…
Category: Commentaries and Analyses
New Ransom Payment Schemes Target Executives, Telemedicine
Brian Krebs has an interesting write-up about some of the goings-on involving ransomware groups targeting the healthcare sector. Krebs cites Alex Holden of Hold Security, a Milwaukee-based cybersecurity firm. Holden’s team reportedly gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “Cl0p” a.k.a. “TA505”), and a newer ransom group known as Venus. Readers…
HoHoHo Holiday routines…
RedSense has issued a new paper that starts with a reminder: Holidays Routine 2022/23: Not Novel. Naughty or nice, there’s a few things in cyber circuits that won’t change in this year’s Holiday Season. 1. Threat actors are financially motivated, driven by human needs, and the holidays are expensive. 2. Threat actors stereotypically choose simple…
6 Lakh Indians’ Data Sold on Bot Markets, Making it Most-affected Nation
Bhaswati Guha Majumder reports: A recent study revealed that approximately 5 million people worldwide have had their data stolen and sold on the bot market, with 600,000 from India. It means that India, which is still waiting for a data protection bill to become law, is the most severely impacted country in the world, accounting for…
Medibank Shutting All Branches, Going Offline, In Security Overhaul
Nathan Jolly reports: Medibank will be closing all branches, IT centres, and going completely offline as it completely overhauls its online security. The country’s biggest health insurer will be completely offline from 8.30pm on Friday until Sunday, in a bid to “further strengthen our systems and enhance security protections” after one of the country’s worst…
Zero-Day Hackers Breach Samsung Galaxy S22 Twice In 24 Hours
Davey Winder reports: Last year, during the Pwn2Own hacking event in Austin, Texas, the Samsung Galaxy S21 was hacked, not once but twice, across a period of just 48 hours. This year, at the Pwn2Own competition in Toronto, Canada, elite hacking teams went one better: Samsung’s flagship Galaxy S22 smartphone fell to zero-day exploits twice on…