There’s an update to the case involving Ardit Ferizi, whose criminal history and conviction for hacking and providing material support to a terrorist organization have been covered previously. Just last month, Ferizi had been sentenced to 20 years in prison, but was granted a reduction to time served plus 10 years supervised release, to be…
Category: Commentaries and Analyses
Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers
A Proposed Rule by the Comptroller of the Currency, the Federal Reserve System, and the Federal Deposit Insurance Corporation on 01/12/2021 This document has a comment period that ends in 90 days. (04/12/2021). You can submit a formal comment on it. Summary: The OCC, Board, and FDIC (together, the agencies) invite comment on a notice of proposed rulemaking (proposed rule or…
Kaspersky Lab autopsies evidence on SolarWinds hack
Gareth Corfield reports: Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service. Referring to the hidden backdoor secretly implanted in SolarWinds’ Orion product, Kaspersky’s Georgy Kucherin wrote in a blog post on Monday: “While looking at the Sunburst backdoor, we discovered several features that overlap…
From the frying pan into the fire: Thai business angers hackers
DataBreaches.net seems to be the only site willing to report on certain breaches in Thailand these days. First it was the hack of Country Group Securities (CGSEC) by hackers calling themselves ALTDOS. And now this week, this site reported a second attack by the same threat actors that involved MONO Next Public Company. As previously…
Some ransomware gangs are going after top execs to pressure companies into paying
Catalin Cimpanu reports: A new trend is emerging among ransomware groups where they prioritize stealing data from workstations used by top executives and managers in order to obtain “juicy” information that they can later use to pressure and extort a company’s top brass into approving large ransom payouts. ZDNet first learned of this new tactic earlier…
And yet more ransomware variants…
Pop quiz: Which one of these is not a new ransomware noted recently: Sharp Knot Chinese Take-Out Hidden Tear Babuk Niros Bonsoir Not sure? I can’t keep up with all the variants and new types. But thankfully, there’s BleepingComputer, where I can find a weekly rundown on developments. Read their rundown from this week and…