Zack Whittaker reports: A security researcher says six companies were saved from having to pay potentially hefty ransom demands, in part thanks to rookie security flaws found in the web infrastructure used by the ransomware gangs themselves. Two companies received the decryption keys to unscramble their data without having to pay the cybercriminals a ransom,…
Category: Commentaries and Analyses
Senator Demands Answers About AT&T Data Breach from Company, Federal Agencies
Irvin Jackson reports: Following a massive AT&T data breach that resulted in the theft of tens of millions of customers’ phone and text messaging history, a U.S. Senator has sent a request for more information about how the breach occurred and when federal agencies learned about the problems, suggesting that cyberattack could represent a threat…
FBI Issues Warning As ‘Men In Black’ Hackers Demand $60 Million Ransom
Davey Winder reports: An updated advisory from the FBI and the Cybersecurity and Infrastructure Security Agency has warned of the danger from a ransomware group that has demanded as much as $60 million from its victims, and a staggering total of $500 million so far. The criminal hackers concerned have rebranded from calling themselves Royal…
Six U.S. hospital breach reports from July; some have flown under the media radar (1)
Although DataBreaches does not report on all incidents involving U.S. healthcare entities, a log is kept to calculate statistics for the annual Breach Barometer report produced by Protenus, Inc. For the month of July, DataBreaches noted the following six U.S. hospitals disclosed breaches or were claimed as victims by threat actors. Some of these incidents…
Mandiant Uncovers Threat Group Behind Basta Ransomware
Akshaya Asokan reports: A newly identified financially motivated hacking group is deploying Basta ransomware as part of an ongoing extortion campaign that began early this year. Google Mandiant, which uncovered the campaign, tracks the group as UNC4393. Since Basta is not publically marketed and is available on invitation-only basis, Mandiant researchers believe UNC4393 is likely the “primary…
Ever More Toxic Ransomware Brands Breed Lone Wolf Operators
Mathew J. Schwartz reports: The downfall of previously high-flying ransomware operations Alphv and LockBit has shaken up the criminal underground, turning some former affiliates into lone operators and causing some under-the-radar groups to rack up record extortion payments. Ransomware incident response firm Coveware said in a report that 10% of all ransomware attacks it monitored…