Catalin Cimpanu reports: Hackers have gained access to government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert published on Friday. Attacks have targeted federal and state, local, tribal, and territorial (SLTT) government networks. Attacks against non-government…
Category: Commentaries and Analyses
Ryuk’s Return
From The DFIR Report: The Ryuk group went from an email to domain wide ransomware in 29 hours and asked for over $6 million to unlock our systems. They used tools such as Cobalt Strike, AdFind, WMI, vsftpd, PowerShell, PowerView, and Rubeus to accomplish their objective. Ryuk has been one of the most proficient ransomware…
This stealthy hacker-for-hire group is using phishing, malicious apps and zero-day attacks against its victims
Danny Palmer reports: An extensive cyber-espionage operation by a hacker-for-hire group that uses phishing, social engineering, malicious apps, custom malware and zero-day attacks has been secretly targeting governments, private industry and individuals for years in what’s described as a diverse, patient and elusive hacking enterprise. Dubbed Bahamut, the mercenary hacking group has been carrying out extensive operations against…
OCR Settles Ninth Investigation in HIPAA Right of Access Initiative
From HHS, yesterday: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announces that it has settled its ninth enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative as an enforcement priority in 2019 to support individuals’ right to timely access to their health…
Office of the Comptroller of the Currency fines Morgan Stanley $60 million for 2016 data breach
Brendan Pedersen reports: Morgan Stanley was slapped with a $60 million fine by regulators Thursday for risk management problems tied to a 2016 data breach. The consent order by the Comptroller of the Currency cited failures at both Morgan Stanley Bank, N.A., and Morgan Stanley Private Bank, N.A. related to the shutdown of two wealth…
Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work
Brian Krebs reports: There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of…