Hunton Andrews Kurth writes: On February 16, 2021, the New York Department of Financial Services (“NYDFS”) issued a Cyber Fraud Alert (the “Alert”) to regulated entities in light of a growing campaign to steal Nonpublic Information (“NPI”), as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance (“Instant Quote…
Category: Commentaries and Analyses
Inside a ransomware attack on a small trucking company
Nate Tabak reports: George got the email a week after the ransomware attack on the small trucking and logistics company he manages. It contained screenshots from within the firm’s transportation management system, or TMS, the digital nerve center that orchestrates the movement of trucks and freight. The hackers sent the screenshots among other stolen data….
Follow-up: Data from the Toledo Public Schools attack by Maze reportedly being misused
In September, DataBreaches.net reported that Maze threat actors claimed to have attacked an Ohio public school district, but the district was not responding to inquiries from this site about the claims. One month later, this site named the district as Toledo Public Schools and reported that while Maze had dumped files with student and employee…
FireEye and Accellion provide more details on attack
Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…
Amber Group breaks silence on unsecured storage bucket; NatSec minister suggests TechCrunch reporter may have violated CyberCrime Act
The Gleaner reports a follow-up on an unsecured storage server exposing personal information and COVID-related information of travelers to Jamaica. The exposed bucket was first reported by Zack Whittaker of TechCrunch on February 17: The storage server, hosted on Amazon Web Services, was set to public. It’s not known for how long the data was…
India’s cyber defenses breached and reported; govt. yet to fix it
John Xavier reports that India’s government has been slow to respond to a report by ethical hackers that had been shared with the U.S. Department of Defense Cyber Crime Center (DC3): which initiated contact with the India’s National Critical Infrastructure Information Protection Centre (NCIIPC). Following this, the security team shared its 34-page threat report to…