Privacy law scholar Daniel Solove writes: The U.S. Court of Appeals for the 5th Circuit just issued a blistering attack on HIPAA enforcement by the U.S. Department of Health and Human Services (HHS). In University of Texas M.D. Anderson Cancer v. Department of Health and Human Services (No. 19-60226, Jan. 14, 2001), the 5th Circuit struck down a fine…
Category: Commentaries and Analyses
Interview With a Russian Cybercriminal
Kelly Sheridan reports: IT security practitioners spend a lot of time strategizing ransomware defense, but many know little about the criminals plotting attacks. Who is the person behind a devastating ransomware campaign? Why did they choose a specific target? What about cybercrime appeals to them? To better understand the attacker’s perspective, Cisco Talos researchers interviewed…
The Blackbaud ransomware breach — impact on school clients
In July, 2020, cloud software firm Blackbaud announced that it had been the victim of a ransomware attack that began in February of 2020 and continued until Blackbaud was able to kick the attackers out of their system in May. In order to try to protect their clients from having personal and sensitive information on…
Experian says it is investigating if involved in Brazil data breach
Muvija M reports that the owner of a massive database with information on millions of Brazilians is still undetermined and under investigation: Credit data firm Experian said on Monday it was continuing to investigate whether the personal data of millions of people in Brazil that was found to be illegally offered for sale online could…
As predicted, big jump in RDP attacks as hackers target staff working from home
When everyone started working from home, one of the first predictions was that there would be more breaches related to the use of Remote Desktop Protocol (RDP). RDP is used by vendors or business associates to connect to their clients’ systems. As such, it’s a valuable tool, but left enabled instead of disabled, it provides…
Blockchain transactions confirm murky and interconnected ransomware scene
Catalin Cimpanu reports: A report published today by blockchain investigations firm Chainalysis confirms that cybercrime groups engaging in ransomware attacks don’t operate in their own bubbles but often switch ransomware suppliers (RaaS services) in a search for better profits. The report analyzed how Bitcoin funds were transferred from victims to criminal groups, and how the…