By mid-September, it was clear that school districts were under increased threat of ransomware attacks. In fact, when Clark County School District (CCSD) in Las Vegas and Fairfax County Public Schools (CFPS) in Virginia were added to the Maze cartel’s leak site, it seemed to portend potentially big data dumps. Since that dump, Maze dumped…
Category: Commentaries and Analyses
Twitter hackers trick employees by posing as IT workers, NY probe finds
Noah Manskar reports: A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of…
CISA and MS-ISAC Release Joint Guide on Ransomware
Trisha Anderson, Ashden Fein and James Yoon of Covington & Burling write: On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware. This guide was published the day before OFAC and FinCEN released their…
FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft
Genevieve Stark, Andrew Moore, Vincent Cannon, Jacqueline O’Leary, Nalani Fraser, and Kimberly Goody of FireEye write: Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the first time since 2017. We have detailed FIN11’s various tactics, techniques and procedures in a report that is available now by…
Tyler Technologies finally paid the ransom to receive the decryption key
Pierluigi Paganini reports: Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector. At the end of September, the company disclosed a ransomware attack and its customers reported…
Data leak at Covid testing call center under investigation
NL Times reports: The Dutch data protection authority AP is investigating whether health service GGD is complying with privacy rules with its coronavirus test line, the call center where Netherlands residents can book a Covid-19 test and which calls with their results. This follows stories of former employees still having access to personal data, even…