Commentaries and Analyses – Page 208

LAPSUS and the Terrible, Horrible, No Good, Very Bad Ransom Day¹ (UPDATED)

Posted on February 27, 2022September 16, 2024 by Dissent

First they thought their victim hacked them back. Then they appeared to be trolled by a “negotiator” who wasn’t. I don’t know if the Brazilian threat actors who call themselves LAPSUS felt like moving to Australia after a bad day at the ransom office yesterday, but their attack on Nvidia and the aftermath seemed somewhat……

Dallas IT worker erased police files by accident, didn’t have enough training, report says

Posted on February 25, 2022 by Dissent

Everton Bailey Jr. reports: A former Dallas IT worker fired after deleting millions of police files last year while trying to move them from online storage didn’t have enough training to do the job properly, according to an independent investigation of the incident. Despite his job primarily being focused on working with Commvault, the software…

Hackers Sell Backdoors Into A $2 Billion Nonprofit, A Californian Hospital, And Michigan Government

Posted on February 24, 2022 by Dissent

Thomas Brewster reports: They’re called access brokers: hackers who find ways onto business or government computers and open up backdoors, charging others for entry. Typical buyers include cybercriminals wielding ransomware, the malware that’s been a scourge for global businesses and governments in recent months. For the sellers, advertising their breaches in the dark forums of…

Russian hackers infect network devices with new botnet malware

Posted on February 24, 2022 by Dissent

Dan Goodin reports: Hackers for one of Russia’s most elite and brazen spy agencies have infected home and small-office network devices around the world with a previously unseen malware that turns the devices into attack platforms that can steal confidential data and target other networks. Cyclops Blink, as the advanced malware has been dubbed, has…

Ransomware extortion doesn’t stop after paying the ransom

Posted on February 23, 2022 by Dissent

Who would have thought that criminals might lie? Where’s my shocked face? Bill Toulas reports on findings from a survey by Venafi. Here is some of what they found: 83% of all ransomware victims who paid the requested amount were extorted again, twice, or even three times. 18% of victims who paid the ransom still…

CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure

Posted on February 23, 2022 by Dissent

HHS Cybersecurity Program has issued an Alert (TLP: WHITE). Executive Summary Malicious actors use influence operations, including tactics like misinformation, disinformation, and malinformation (MDM), to shape public opinion, undermine trust, amplify division, and sow discord. Foreign actors engage in these actions to bias the development of policy and undermine the security of the U.S. and…