The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published an investigation report today concerning a ransomware attack on the database of Fotomax (F.E.) Limited. From the news release: The investigation arose from a data breach notification lodged by Fotomax with the PCPD on 1 November 2021, which reported that the…
Category: Commentaries and Analyses
UK: Hacked evidence and stolen data swamp English courts
Franz Wild, Ed Siddons, Simon Lock, Jonathan Calvert, and George Arbuthnott report: A multimillion-pound high court case between an authoritarian Gulf emirate and an Iranian-American businessman has revealed how hacked evidence is being used by leading law firms to advance their clients’ claims. It includes allegations that a former Metropolitan Police officer hired Indian hackers…
World Cup apps pose a data security and privacy nightmare
Jessica Lyons Hardcastle reports: With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. Football fans and others visiting Qatar must download two apps: Ehteraz, a Covid-19…
Ransomware gangs shift tactics, making crimes harder to track
Jack Gillum reports: Ransomware gangs increasingly use their own or stolen computer code, moving away from a leasing model that made their activities easier to monitor, new research shows. Numerous prominent hacking groups in recent years have functioned by leasing their malicious software and computing infrastructure to other bad actors, in what’s known as ransomware-as-a-service….
Scammers Are Extorting Parents With Their Dead Children’s Nude Images, FBI Says
Thomas Brewster reports: Sextortion scammers have become increasingly ruthless, targeting families of teenage victims who took their own lives after sending nude images to highly organized cybercriminal gangs, the FBI has warned. The gangs have demanded that parents or siblings pay to ensure that the sexualized photos of their deceased relatives are not publicly released,…
HC3: Analyst Note: Venus Ransomware Targets Publicly Exposed Remote Desktop Services
November 9, 2022 TLP: Clear Report: 202211091400 Executive Summary HC3 is aware of at least one healthcare entity in the United States falling victim to Venus ransomware recently. The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices. This report provides additional information, indicators of…