[Comment: I’ve been waiting for this since I first suspected that Daixin Team might be responsible for the CommonSpirit breach. And although it has not been confirmed by anyone, I still suspect them of that one. — Dissent] Alert (AA22-294A) #StopRansomware: Daixin Team Download the PDF version of this report: pdf, 591 KB Technical Details Note:…
Category: Commentaries and Analyses
OldGremlin, which targets Russia, debuts new Linux ransomware
Dev Kundaliya reports: Russian-speaking ransomware gang OldGremlin, which unusually targets Russian entities, is now using file-encrypting malware to target Linux machines. That’s according to the cybersecurity company Group-IB which on Thursday published what it claims to be the first comprehensive report on OldGremlin ransomware group, also referred to as TinyScouts. Read more at Computing.
BlackByte ransomware uses new data theft tool for double-extortion
Bill Toulas reports: A BlackByte ransomware affiliate is using a new custom data stealing tool called ‘ExByte’ to steal data from compromised Windows devices quickly. Data exfiltration is believed to be one of the most important functions in double-extortion attacks, with BleepingComputer told that companies are more commonly paying ransom demands to prevent the leak…
Iranian Cyber Group Emennet Pasargad Conducting Hack-and-Leak Operations Using False-Flag Personas
FBI Private Industry Notification 20 October 2022 PIN Number 20221020-001 Summary The FBI is providing information concerning ongoing hack-and-leak cyber operations conducted by Iranian cyber group Emennet Pasargad. According to FBI information, since at least 2020, Emennet targeted entities primarily in Israel with cyber-enabled information operations that included an initial intrusion, theft and subsequent leak…
Cybersecurity Frameworks: What K-12 Leaders Need to Know
The K12 Security Information eXchange (K12 SIX) is pleased to release “Cybersecurity Frameworks: What K-12 Leaders Need to Know,” a new resource for state and local education leaders encouraging the adoption of nationally recognized cybersecurity best practices. This white paper, commissioned by the State Educational Technology Directors Association (SETDA) as part of the work of…
New York Department of Financial Services settles charges against EyeMed with a $4.5 million penalty and remedial cybersecurity plan
In January 2022, DataBreaches reported that New York announced a $600,000 agreement with EyeMed that resolved a 2020 phishing incident that compromised the personal information of approximately 2.1 million consumers nationwide, including 98,632 in New York. But that was not the end of enforcement action and monetary penalties for EyeMed. Now the state’s Department of…