Mathew J. Schwartz reports: Ransomware gangs are increasingly not just claiming that they’ll leak stolen data from victims that don’t meet their ransom demand, but actually following through. […] Speaking at Information Security Media Group’s Virtual Cybersecurity Summit: New York last week, attorney Craig Hoffman, who’s co-leader for the digital risk advisory and cybersecurity team at BakerHostetler, said…
Category: Commentaries and Analyses
National Cyber Awareness System Alert: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
Summary This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM). Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the…
New SunCrypt Ransomware sheds light on Maze’s ransomware cartel
Lawrence Abrams reports: A new ransomware named SunCrypt has joined the ‘Maze cartel,’ and with their membership, we get insight into how these groups are working together. In June, we broke the story that the Maze threat actors created a cartel of ransomware operations to share information and techniques to help each other extort their victims. Read more on BleepingComputer.
Unsophisticated Iranian hackers armed with ransomware are targeting companies worldwide
Brooke Crothers reports: Unsophisticated Iranian hackers are attacking company networks with ransomware, a cybersecurity firm said. The attackers have been using Dharma ransomware “and a mix of publicly available tools” to target companies in Russia, Japan, China and India, cybersecurity firm Group-IB said earlier this week. Read more on Fox News.
Ransomware – The New (Too-High) Cost of Doing Business
Gemini Advisory has released a paper that makes the point that in 2020, it may be best to view ransomware incident costs as part of the cost of doing business. And with more people working from home these days, there is an increased risk of security incidents, as threat actors may be able to relatively…
Experian only informed Information Regulator months after hack
Admire Moyo reports: The Information Regulator is concerned about the hacking of credit bureau Experian, which occurred less than two months after the commencement of the Protection of Personal Information (POPI) Act. This week, Experian, a consumer, business and credit information services agency, confirmed it experienced a data breach which exposed the personal information of as many…