Ionut Ilascu reports: The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month. Security researchers codenamed the hacking campaign ARMattack and described it as being one of the group’s…
Category: Commentaries and Analyses
Georgia Joins Multistate Settlement Over 2019 Carnival Cruise Line Data Breach
There’s an update to a breach in 2019 that was first disclosed in March 2020: ATLANTA, GA – Attorney General Chris Carr today announced that the State of Georgia, along with 45 other attorneys general, has obtained a $1.25 million multistate settlement with Florida-based Carnival Cruise Line stemming from a 2019 data breach that involved…
Grand Valley State University hit by ransomware but remains publicly silent
According to its website, Grand Valley State University (GVSU) in Michigan currently has 19,239 undergraduate students and 3,027 graduate students. The university offers 141 undergraduate and graduate degrees and employs 1,760 faculty members and 2,050 support staff members. Almost all of their students get some kind of financial aid. Those are some commendable statistics. But…
Daycare Apps Are Dangerously Insecure
Alexis Hancock writes: Last year, several parents at EFF enrolled kids into daycare and were instantly told to download an application for managing their children’s care. Daycare and preschool applications frequently include notifications of feedings, diaper changes, pictures, activities, and which guardian picked-up/dropped-off the child—potentially useful features for overcoming separation anxiety of newly enrolled children…
Four ransomware attacks on non-U.S. medical entities: Did anyone get notified?
So far, 2022 is not turning out to be a better year than 2021 when it comes to ransomware attacks on the healthcare sector. In its recent report, “The State of Ransomware in Healthcare 2022,” Sophos reports that ransomware attacks in the healthcare sector almost doubled from 2020 to 2021 and that while the ransom…
Voicemail phishing emails steal Microsoft credentials
Jeff Burt reports: Someone is trying to steal people’s Microsoft 365 and Outlook credentials by sending them phishing emails disguised as voicemail notifications. This email campaign was detected in May and is ongoing, according to researchers at Zscaler’s ThreatLabz, and is similar to phishing messages sent a couple of years ago. This latest wave is…