A few weeks ago, this site published a post about a hack of DataViper.io. In that post, I erroreously reported that Vinny Troia had admitted to selling and trading stolen data, which he justified as part of his undercover work. Later in the post, I also prefaced a statement with “Given that…” Those statements were…
Category: Commentaries and Analyses
No More Ransom: How 4 Million Victims of Ransomware Have Fought Back Against Hackers
A press release from Europol: While the world is in the grip of a coronavirus outbreak, another virus is quietly wreaking havoc. Although this virus has been around for years, its cases have been rising alarmingly in the past few months and has brought critical activities such as hospitals and governments to a standstill. This…
Atlassian says encryption-busting law has damaged Australia’s tech reputation
Asha Barbaschow reports: Atlassian believes Australia’s encryption-busting legislation continues to have a negative impact on the country’s technology sector, both from the perspective of partnering with an Australian company and attracting tech talent down under. “The Act’s passage has significantly degraded the global reputation of the Australian tech sector, as local companies and multinationals alike…
Inside “Phobos” Ransomware: “Dharma” Past & Underground
Bridgit Sullivan writes: Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase. It…
VA sending letter to 1,501 Montana vets about business associate ransomware incident
The Great Falls Tribune reports: The U.S. Department of Veterans Affairs Veterans Health Administration on Thursday announced actions taken to protect veterans’ personal information following a recent privacy breach involving files from the Montana VA Health Care System. Officials said they were notified June 4, by former contractor Benefits Recovery Specialists Inc. of “a data…
Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements
There’s been a rare sighting of a 2020 HHS settlement of HIPAA charges. An almost 10-year old report of what would be a relatively small breach led to an investigation that uncovered persistent failures to implement the HIPAA Security Rule. From HHS: Metropolitan Community Health Services (Metro), doing business as Agape Health Services, has agreed…