Valéry Rieß-Marchive explains how LeMagIT staff tracked Conti and Avaddon in 2021 using available tools and Blockchain activity and how developments since then have made tracking easier in some respects. He writes, in part (machine translation): A major development has occurred in the past two years, besides the Conti Leaks : awareness of bitcoin ransom payment…
Category: Commentaries and Analyses
Former employee exfiltrated some employee data improperly — Credit Suisse AG
On January 20, the data protection officer for Credit Suisse AG filed a breach notification with the Maine Attorney General’s Office. According to their notice, a breach occurred on or about January 1, 2016. The exact date was unknown, and the breach reportedly wasn’t discovered until December 21, 2022. The summary description of the incident…
NIST Requests Comments on Potential Significant Updates to the Cybersecurity Framework
Micaela McMurrough, Ashden Fein, Caleb Skeath, and Matthew Harden of Covington and Burling write: On January 19, 2023, the National Institute of Standards and Technology (“NIST”) published a Concept Paper setting out “Potential Significant Updates to the Cybersecurity Framework.” Originally released in 2014, the NIST Cybersecurity Framework (“CSF” or “Framework”) is a framework designed to assist organizations with…
Twitter GodMode still available to all engineers, following hack of Apple and other accounts
Ben Lovejoy reports: Twitter GodMode – an internal tool that hackers used to tweet from high-profile accounts, including Apple, back in 2020 – remains available to all of the company’s engineers, according to a new report today. […] The Washington Post reports that a whistleblower reported this to Congress back in October, and it has now been shared…
NHS Is The Most Phished UK Government Organization
Cyber Security Intelligence reports: Cyber security experts have recently revealed the top six government impersonation scams they have removed from the Internet in 2022 as they urged the public to remain vigilant to cyber crime in 2023. The scams unveiled by the National Cyber Security Centre (NCSC), part of GCHQ, included phishing emails and messages from cyber criminals…
Private health data breach in Isle of Man to be dealt within 3 months, officials say
Seen on diabetes.co.uk: An organisation set up to focus on the delivery of health and social care on the Isle of Man has been given a three-month deadline to stop data breaches. Manx Care will be ordered to pay £170,000 if they fail to prevent breaches of people’s private data within the next three months….