Ugh. I’ve been so busy adding Blackbaud incident-related reports to my worksheets that I maintain for my research with Protenus for Breach Barometer that I forgot to post some incidents here. Thankfully, a kind reader gave me a gentle poke to let you know that Lisa Schenker reported that NorthShore University HealthSystem is notifying approximately 348,000…
Category: Commentaries and Analyses
Meet the Middlemen Who Connect Cybercriminals With Victims
Kelly Sheridan reports: Ransomware operators looking for victims can find them on the Dark Web, where initial access brokers publish listings containing vague descriptions of businesses they’ve managed to breach. Initial access brokers, the “middlemen” of ransomware attacks, have noticed demand for their services surge as ransomware-as-a-service (RaaS) gains popularity. Their listings have steadily increased…
Paytm Mall sends legal notice to Cyble after Cyble reports an alleged breach
I’ve covered data security concerns involving digital payment services Paytm in the past, but I didn’t pick up a recent claim by Cyble because their post relied on a tip from “KelvinSec” about “John Wick.” And although Cyble provided a couple of redacted screenshots to support a claim that there had been some incident, Cyble…
FBI issues second alert about ProLock ransomware stealing data
Sergiu Gatlan reports: The FBI issued a second warning this week to alert US companies of ProLock ransomware operators stealing data from compromised networks before encrypting their victims’ systems. The 20200901-001 Private Industry Notification seen by BleepingComputer on September 1st comes after the MI-000125-MW Flash Alert on the same subject issued by the FBI four months ago, on…
No Rest For The Wicked: Evilnum Unleashes PyVil RAT
Research by: Tom Fakterman Over the course of the last few months, the Cybereason Nocturnus team has been investigating the activity of the Evilnum group. The group first emerged in 2018, and since then, Evilnum’s activity has been varied, with recent reports using different components written in Javascript and C# as well as tools bought from the Malware-as-a-Service provider Golden Chickens. The group’s…
Gartner Warns CEOs Will Be Personally Liable for Breaches by 2024
Fahmida Y. Rashid writes: Cyberattacks against connected devices having an impact on the physical world is not yet a commonplace occurance, but are very much in the realm of possibility. Hijacked medical devices may be unable to dispense life-saving drugs, or a connected car could receive instructions to crash itself and potentially injure the human…