Lawrence Abrams reports: A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. […] Yesterday, MalwareHunterTeam shared a PowerShell script with BleepingComputer used by the Pysa ransomware operation to search for and exfiltrate data from a server. This script is designed…
Category: Commentaries and Analyses
Federal Court Finds Article III Standing In Data Event Litigation But Dismisses Majority of Plaintiff’s Claims Under Rule 12(b)(6)
Katie Sharpless of Squire Patton Boggs writes: CPW previously has covered multiple decisions that address Article III standing requirements for pleading a claim in federal court. A recent decision out of a federal court in Missouri is an example of a Court finding that Plaintiff properly alleged facts to constitute standing in a data event…
Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc
Ravie Lakshmanan reports: Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more profitable in extracting payouts from victims. “While the ransomware…
By Design: How Default Permissions on Microsoft Power Apps Exposed Millions
The UpGuard Team writes: The UpGuard Research team can now disclose multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee…
Wanted: Disgruntled Employees to Deploy Ransomware
These “insider help wanted” ads are cropping up more and more. Brian Krebs reports: Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange…
Indra hacking group blamed for attack on Iranian railway system that trolled country’s supreme leader
Graham Cluley reports: On 9 July, Iran’s railroad system came under attack from hackers. The attackers posted messages on station departure boards warning of “long delay[s] because of cyberattack”, and suggesting inconvenienced passengers call “64411” for more information. 64411 is reportedly the telephone number of the office of Ayatollah Ali Khamenei, Iran’s supreme leader. With…