Bill Toulas reports: LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content…
Category: Commentaries and Analyses
Unsurprisingly, hacktivists protest the overturn of a woman’s right to her own body
The announcement appeared on the Telegram channel of a group calling themself “SiegedSec:” TIME FOR SOME 1337 H4CKTIVISM!!! (4 the record, we will still do blackhat stuff 😉 Like many, we are also pro-choice, one shouldn’t be denied access to abortion. As added pressure to the U.S government, we have leaked many internal documents and…
Expensive week for Carnival Corp: a $1.25 million settlement with states over one breach, then a $5 million settlement with New York for violating state cybersecurity regulation
It seems this was the week for following up on Carnival Corporation breaches. Earlier this week, state attorneys general announced a $1.25 million multistate settlement with the cruise line over a 2019 data breach first disclosed in 2020. But there was other news concerning the cruise line this week, too. On Friday, the New York…
Everything old is new again? Ransomware groups stop encrypting and switch to theft/extortion model.
In a new post at The Register, Jessica Lyons Hardcastle reports, in part: ….. Increasingly, however, cybercrime rings still tracked as ransomware operators are turning toward primarily data theft and extortion – and skipping the encryption step altogether. Rather than scramble files and demand payment for the decryption keys, and all the faff in between…
New York State School District Audits Released in June
New York State Comptroller DiNapoli released more school district audits in June. As always, some of the audits do not reveal all the concerns or recommendations. Some concerns or recommendations are shared with districts confidentially for security reasons. Here are summaries of audits of school districts released in June that relate to school district IT:…
FTC Finalizes Action Against CafePress for Covering Up Data Breach, Lax Security
CafePress Must Bolster Data Security Protections, Pay Half a Million Dollars The Federal Trade Commission finalized an order against CafePress over allegations that it failed to secure consumers’ sensitive personal data including Social Security numbers and covered up a major data breach. The Commission’s order requires the company to bolster its data security and requires its former…