Brooke Crothers reports: Unsophisticated Iranian hackers are attacking company networks with ransomware, a cybersecurity firm said. The attackers have been using Dharma ransomware “and a mix of publicly available tools” to target companies in Russia, Japan, China and India, cybersecurity firm Group-IB said earlier this week. Read more on Fox News.
Category: Commentaries and Analyses
Ransomware – The New (Too-High) Cost of Doing Business
Gemini Advisory has released a paper that makes the point that in 2020, it may be best to view ransomware incident costs as part of the cost of doing business. And with more people working from home these days, there is an increased risk of security incidents, as threat actors may be able to relatively…
Experian only informed Information Regulator months after hack
Admire Moyo reports: The Information Regulator is concerned about the hacking of credit bureau Experian, which occurred less than two months after the commencement of the Protection of Personal Information (POPI) Act. This week, Experian, a consumer, business and credit information services agency, confirmed it experienced a data breach which exposed the personal information of as many…
Law Enforcement Websites Hit by Blueleaks May Have Been Easy to Hack
Micah Lee reports: Whoever broke into 251 law enforcement websites and obtained the blueleaks trove of documents appears to have reused decades-old software for opening “backdoors” in web servers. The use of the widely available backdoors provides evidence that the hacktivist who compromised the sensitive sites, including fusion centers linked to federal agencies, didn’t need to use sophisticated…
Please stop hard-wiring AWS credentials in your code. Looking at you, uni COVID-19 track-and-test app makers
Thomas Claburn reports: Albion College has a plan for students to return safely to campus this fall amid the COVID-19 coronavirus pandemic. It involves being tracked by an app that, at least until a few days ago, appears to have been insecure. The Michigan institution announced its plan on July 28, which calls for testing coordinated by…
Report: “No Need to Hack When It’s Leaking:” GitHub Leaks of Protected Health Information
The message request showed up in my Twitter notifications: Hi There! 🙂 I see you have some experience in getting the right amount of attention for medicaid related data leaks. I have found admin credentials to some super sensitive medical billing processing system and get nothing but silence on all available contact channels and no…