Dennis Fisher reports: Researchers have discovered that the LV ransomware that has been in use since late 2020 is actually a modified version of the REvil ransomware binary that is being distributed by a separate threat group. An analysis of the LV ransomware binary by Secureworks Counter Threat Unit researchers shows that LV is a version of…
Category: Commentaries and Analyses
Norway says Chinese group APT31 is behind catastrophic 2018 government hack
Catalin Cimpanu reports: Norway’s police secret service said this week that APT31, a cyber-espionage group operating on behalf of China, was responsible for a 2018 breach of the government’s IT network. According to the Norwegian Police Security Service (PST), the 2018 hack was as bad as it could get. “The investigation revealed that the actor…
50,000 security disasters waiting to happen: The problem of America’s water supplies
Kevin Collier reports: On Jan. 15, a hacker tried to poison a water treatment plant that served parts of the San Francisco Bay Area. It didn’t seem hard. The hacker had the username and password for a former employee’s TeamViewer account, a popular program that lets users remotely control their computers, according to a private report…
State Legislatures Consider Bans on Ransomware Payments
Emily Poole of Alston & Bird writes: As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and…
Fake DarkSide gang targets energy, food industry in extortion emails
Lawrence Abrams reports: Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors. […] In a new report, Trend Micro researchers reveal that a new extortion campaign started in June where threat actors are impersonating the DarkSide ransomware gang. “Several companies in the energy…
First American Financial Pays Farcical $500K Fine – Krebs
Brian Krebs reports: In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the matter after the…