Yesterday, Gemini Advisory released a report on some of its research into what they are calling the “Keeper” Magecart Group. Their findings are simultaneously impressive and concerning. From their report, this summary of their key findings: Gemini discovered that the “Keeper” Magecart group, which consists of an interconnected network of 64 attacker domains and 73…
Category: Commentaries and Analyses
How Cyberinsurance Is Responding to Ransomware: An Interview with Ken Suh, Mark Singer, and Marcello Antonucci
Daniel Solove writes: Ransomware has long been a scourge, and it has been growing into a pandemic with no signs of slowing down. I recently had the opportunity to discuss ransomware with several experts at Beazley. Based in Chicago, Ken Suh is the focus group leader for cyber & tech claims at Beazley. Mark Singer is a cyber & tech claims…
Extraterritorial Application of the Computer Fraud and Abuse Act
William K. Kane and Melissa M. Mikhail of SheppardMullin write: A brazen and sophisticated computer intrusion into the records of over 145 million Americans launched from computer hackers based in China led to recent criminal prosecutions under the Computer Fraud and Abuse Act. [1] Courts are willing to extend American law beyond U.S. boundaries often when criminal…
The Case Against EU Cyber Sanctions for the Bundestag Hack
Stefan Soesanto writes: The German Ministry of Foreign Affairs informed Moscow on May 28 that the German federal prosecutor had issued a sealed arrest warrant for Russian military intelligence officer Dmitriy Sergeyevich Badin over the 2015 Bundestag hack. Among other items, the hack resulted in the exfiltration of 16 GB of sensitive emails and documents and necessitated…
NYS: Comptroller’s audits continue: Urban Choice Charter School
For a number of years now, I’ve noted NYS comptroller audits of school districts when it comes to IT and infosecurity. Here’s one that was recently released concerning Urban Choice Charter School in Rochester: Issued Date June 12, 2020 Audit Objective Determine whether the Board and School officials ensured information technology (IT) assets were safeguarded….
A new Malware strain dubbed as ‘Lucifer’ is affecting most of the Windows PCs, abusing critical vulnerabilities
Metal Messiah reports: A new variant of a powerful cryptojacking and DDoS-based malware is exploiting severe vulnerabilities in Windows machines, and affecting them in the process. Dubbed as “Lucifer”, this new malware is part of an active campaign against Windows hosts and uses a variety of ‘exploits’ in the latest wave of attacks, Palo Alto Networks’…