Asha Barbaschow reports: Atlassian believes Australia’s encryption-busting legislation continues to have a negative impact on the country’s technology sector, both from the perspective of partnering with an Australian company and attracting tech talent down under. “The Act’s passage has significantly degraded the global reputation of the Australian tech sector, as local companies and multinationals alike…
Category: Commentaries and Analyses
Inside “Phobos” Ransomware: “Dharma” Past & Underground
Bridgit Sullivan writes: Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase. It…
VA sending letter to 1,501 Montana vets about business associate ransomware incident
The Great Falls Tribune reports: The U.S. Department of Veterans Affairs Veterans Health Administration on Thursday announced actions taken to protect veterans’ personal information following a recent privacy breach involving files from the Montana VA Health Care System. Officials said they were notified June 4, by former contractor Benefits Recovery Specialists Inc. of “a data…
Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements
There’s been a rare sighting of a 2020 HHS settlement of HIPAA charges. An almost 10-year old report of what would be a relatively small breach led to an investigation that uncovered persistent failures to implement the HIPAA Security Rule. From HHS: Metropolitan Community Health Services (Metro), doing business as Agape Health Services, has agreed…
Inside REvil Extortionist “Machine”: Predictive Insights
A new paper by AdvIntel is out, and it looks at the psychology of REvil, something that it obviously of great interest to me: We have investigated REvil’s discourse and behavior by applying the methodologies and concepts of criminal psychology to identify the group’s unique characteristics revealed by their recent involvement in large, ethically questionable…
No-Log VPNs Exposed Users’ Logs and Personal Details for All to See
Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. ….. Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple…