Genevieve Stark, Andrew Moore, Vincent Cannon, Jacqueline O’Leary, Nalani Fraser, and Kimberly Goody of FireEye write: Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the first time since 2017. We have detailed FIN11’s various tactics, techniques and procedures in a report that is available now by…
Category: Commentaries and Analyses
Tyler Technologies finally paid the ransom to receive the decryption key
Pierluigi Paganini reports: Tyler Technologies has finally decided to pay a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector. At the end of September, the company disclosed a ransomware attack and its customers reported…
Data leak at Covid testing call center under investigation
NL Times reports: The Dutch data protection authority AP is investigating whether health service GGD is complying with privacy rules with its coronavirus test line, the call center where Netherlands residents can book a Covid-19 test and which calls with their results. This follows stories of former employees still having access to personal data, even…
Germany: No GDPR damages after data breach
Seen at DLA Piper: One of the many open questions of data protection law in Europe is how compensation for “non-material damage” will be calculated. In contrast to personal injury claims where lawyers have (hundreds of) years of case law to call upon to help calculate compensation, there is comparatively little case law considering how…
Documents give details on Hennepin Healthcare employees fired for ‘improperly’ accessing George Floyd records
Hannah Flood reports: The public is learning more about some employees at Hennepin HealthCare who were fired for accessing George Floyd’s medical information when they weren’t supposed to. An attorney for Floyd’s family was notified last month that his medical records were accessed multiple times by employees at the hospital, violating Floyd’s medical privacy and…
“Front Door” into BazarBackdoor: Stealthy Cybercrime Weapon
Roman Marshanski & Vitali Kremez write: BazarBackdoor is the newer preferred stealthy covert malware leveraged for high-value targets part of the TrickBot group toolkit arsenal. It consists of two components: a loader and a backdoor. [1] Loaders are an essential part of any cybercrime campaign. They start the infection chain by distributing the payload. In…