Graham Cluley writes: Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences. The attackers used AiTM (Attacker-in-The-Middle) reverse-proxy sites to pose as Office 365 login pages which requested MFA codes, and then use them…
Category: Commentaries and Analyses
Inside The Russian Cybergang Thought To Be Attacking Ukraine—The Trickbot Leaks
Davey Winder reports: … I can exclusively report that threat intelligence specialist Cyjax has today published an in-depth analysis delving deep into the heart of the Trickbot cybergang. Months of painstaking research through hundreds of leaked documents has resulted in what is possibly the most comprehensive breakdown of a significant international cybercrime syndicate I’ve seen. Covering…
Ransomware attacks on educational institutions shoot up sharply: Sophos’ report
K.V. Kurmanath reports: …In the absence of proper cyber security shields and defence mechanisms, the number of ransomware attacks in this sector has gone up significantly, said a report by Sophos, a British-based security software and hardware company. “The ‘State of Ransomware in Education 2022’ finds that about 60 per cent of the education institutions…
Balancing Act: Understanding the Legal Implications of Post-Data Breach Public Statements
David Balser, a partner at King & Spalding, writes: When a company discovers that it has been a victim of a data breach, it is essential to act quickly. In particular, an issue of critical importance is when and how a breached company discloses the data breach to customers, business partners, regulators and the general…
Oklahoma State University – Center for Health Services Pays $875,000 to Settle Hacking Breach
There’s an update to a breach previously reported on this site in 2018. From HHS: Oklahoma State University – Center for Health Sciences (OSU-CHS) has paid $875,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and agreed to implement a corrective action plan to settle potential…
Holy Ghost ransomware operation linked to North Korean hackers
Ionut Ilascu reports: For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries. The group has been active for quite a while but it failed to gain the notoriety and financial success of other gangs even if the operation followed the same recipe:…